2016-04-14 12:07 pm

There are only two ethernet settings

I can't believe I have to write this in 2016, more than twenty years after the bug in the DEC "Tulip" ethernet controller chip which created this mess.

There are only two ethernet speed and autonegotiation settings you should configure on a switch port or host:


  • Auto negotiation = on

  • Auto negotiation = off, Speed = 10Mbps, Duplex = half

These are the only two settings which work when the partner interface is set to autonegotiation = on.

If you are considering other settings then buy new hardware. It will work out cheaper.

That is all.


Oh, so you know what you are doing. You know that explicitly setting a speed or duplex implicitly disables autonegotiation and therefore you need to explicitly set the partner interface's speed and duplex as well.

But if you know all that then you also know the world is not a perfect place. Equipment breaks. Operating systems get reinstalled. And you've left a landmine there, waiting for an opportunity...

A goal of modern network and systems administration is to push down the cost of overhead. That means being ruthless with exceptions which store away trouble for the future.
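One way to audit hosts against the two-settings rule above, as an added example that is not part of the original post. It reads the `Speed`, `Duplex` and `Auto-negotiation` fields of `ethtool <iface>` output; the sample text and the function names are constructed for illustration.

```python
import re

# Constructed sample: `ethtool <iface>` output for four interfaces, trimmed to
# the fields the audit reads. Not captured from a real host.
SAMPLE_ETHTOOL = """\
Settings for eth0:
    Speed: 1000Mb/s
    Duplex: Full
    Auto-negotiation: on
    Link detected: yes
Settings for eth1:
    Speed: 100Mb/s
    Duplex: Full
    Auto-negotiation: off
    Link detected: yes
Settings for eth2:
    Speed: 10Mb/s
    Duplex: Half
    Auto-negotiation: off
    Link detected: yes
Settings for eth3:
    Speed: Unknown!
    Duplex: Unknown! (255)
    Auto-negotiation: off
    Link detected: no
"""

# The only acceptable setting with autonegotiation off, per the post.
ALLOWED_FORCED = (10, "half")


def parse_ethtool(text):
    """Return {iface: {field: value}} from concatenated ethtool output."""
    ports, current = {}, None
    for line in text.splitlines():
        header = re.match(r"Settings for (\S+):", line)
        if header:
            current = ports.setdefault(header.group(1), {})
        elif current is not None and ":" in line:
            key, _, value = line.strip().partition(":")
            current[key.strip().lower()] = value.strip()
    return ports


def audit_port(fields):
    """Classify one interface as ok, violation or unknown."""
    autoneg = fields.get("auto-negotiation", "").lower()
    if autoneg == "on":
        return "ok"
    if autoneg != "off":
        return "unknown: no Auto-negotiation field reported"
    speed = re.match(r"(\d+)Mb/s", fields.get("speed", ""))
    duplex = fields.get("duplex", "").lower()
    if speed is None or duplex not in ("half", "full"):
        # Autonegotiation is off and the forced values cannot be confirmed.
        return "violation: autonegotiation off, speed/duplex not readable"
    if (int(speed.group(1)), duplex) == ALLOWED_FORCED:
        return "ok"
    return (f"violation: forced {speed.group(1)}Mb/s {duplex} "
            "with autonegotiation off")


def audit(text):
    """Audit every interface found in the ethtool output."""
    return {iface: audit_port(f) for iface, f in parse_ethtool(text).items()}


if __name__ == "__main__":
    for iface, verdict in audit(SAMPLE_ETHTOOL).items():
        print(f"{iface}: {verdict}")
```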

2015-01-08 10:42 am

Hansard, ACT Parliament, 1992-09-16

Mr Stuart Gill

MR STEVENSON (4.29): Madam Speaker, last year I made a number of statements in this Assembly concerning links between organised crime and the pornography industry in Australia. I had received information on these matters from Stuart Gill, who told me that he had been a senior investigator with the Costigan royal commission. He had also said that he was working with the Victoria Police as a consultant and had worked in that capacity for some time. That was later confirmed in a letter of 24 May 1991 by Inspector Cosgriff of the Victoria Police Internal Security Unit.

I hired Gill on staff to assist me in matters relating to pornography and organised crime. During that time Gill told me that a man named Gerald Gold had been named as a leading eastern States crime figure in a confidential segment of the final report of the Costigan royal commission. As a result of that information, I made statements in this Assembly concerning Mr Gold that I now believe were wrong. I later came to understand that Stuart Gill was not a police consultant but was, in fact, an informer for the Victoria Police. Gill left my employ in October last year.

Yesterday the Victorian media reported on allegations about widespread police and political corruption resulting from an investigation named Operation Iceberg. The Victoria Police Commissioner, Mr Kel Glare, stated yesterday that the allegations were not only unsubstantiated but utterly false. The commissioner said that the Operation Iceberg document was not a police report but had been prepared by a police informer. That police informer has been named as Stuart Gill. I am aware that Stuart Gill was born under the name of Paul Dummett and has also used the name Andrew McAuley.

I wish to take the opportunity to apologise to Mr Gerald Gold for any difficulties he may have been caused by statements I made in this house. Gill also stole documents from my office and spread misleading stories about me to the media. I have formed the opinion that Gill is a pathological liar. I have spoken to other people in Victoria - I made a trip to Victoria - and they have told me of certain fraud and other offences which they have said have not been prosecuted. Perhaps this situation in Victoria will give the police an opportunity to put this matter to justice.

MR HUMPHRIES (4.31): Madam Speaker, first of all, I commend Mr Stevenson for that statement. I have had many representations from Mr Gold. I think it took some courage for Mr Stevenson to come into the house and say that he was wrong in things he had said about Mr Gold based on information supplied to him. That is good news for Mr Gold and a tribute to Mr Stevenson.

2014-11-11 04:06 pm

USB Vendor ID for documentation

If you are writing documentation then you don't want to use an assigned magic number, like a real IP address or a real DNS name. That can readily lead to: misunderstandings; operational difficulties for the vendor's equipment if the number escapes from documentation into production; and difficulties for the author because of the risk of defamation and trademark infringement.

For these reasons standards associations commonly issue a range of their magic numbers for documentation purposes. For example, the IETF issued magic numbers for documentation in RFC2606 for DNS names, in RFC5737 for IPv4 addresses and in RFC3849 for IPv6 addresses.

I was writing some documentation for using udev, and rather than defame some vendor by suggesting that their product may need a workaround, I asked the USB Implementors' Forum if there is a USB Vendor ID for documentation purposes.

Sadly, there is not:

From: USB-IF Administration <redacted>
Subject: RE: Vendor-ID for use in documentation
Date: 11 November 2014 2:34:21 PM ACDT
To: Glen Turner <redacted>

Dear Glen,

Thank you for your message. Vendor IDs (VIDs) are owned by the vendor company and are assigned and maintained by the USB-IF only. We do not have a generic VID for documentation.

Regards, redacted

2014-11-01 08:34 am

Centrelink's PLAID broken

Jean Paul Degabriele, Victoria Fehr, Marc Fischlin, Tommaso Gagliardoni, Felix Günther, Giorgia Azzurra Marson, Arno Mittelbach, Kenneth G. Paterson. Unpicking PLAID. A cryptographic analysis of an ISO-standards-track authentication protocol.

Upon public release in 2009 PLAID was claimed to have been the subject of three years' cryptanalysis by the then Defence Signals Directorate. With that in mind the sections at the end of the paper about misuse of CBC are more concerning than the exploitation of shill keys.

2014-06-14 01:42 am

Coloured UTP cables considered harmful

The rainbow hurts my eyes

One colour for links to client computers, another colour for links to servers, another colour for phones. Sounds like a wonderfully organised network.

Don't do it.

The reason is stocking. You want a good stock of UTP cables. Ten or twenty in lengths from 0.5m to 3m in every increment available (typically 0.5m), then 5m, 10m, 15m.

It is much more important to use the correct length cable than it is to have some colour scheme. The more colours you have, the less stock of each colour in all the lengths you will carry.

Why is it important? Cable control. If you stock every length the average slack you need to dispose of in a cabinet is 25cm, the worst case is 49cm. If you are missing just one size the average becomes 75cm and the worst case becomes 149cm, both of which are a significant amount of cable to route out of the way. You do that more than once or twice then your cabinet is a cabling disaster zone. You'll never be able to remove a cable easily, which means you won't, which will snowball over the years.

Consider one exception: cross-over cables. Make these some non-red noticeable colour (red has a special meaning and you shouldn't be using it in patch cabinets). I use pink. You need one length: 0.5m. You need one type: the "gigabit ethernet four-pair crossover". To use the cable plug it into the interface of the equipment, attach a Cat6 through-connector, and then cable using your typical patch leads. Why as long as 0.5m? Because that is enough to clear the equipment and place the through-connector outside of the equipment's own cable control.

Coloured patch leads indicate that you lack sufficient records of your cabling plant and sufficient labelling to audit those records against the plant. If you feel the need for coloured cabling "to prevent error" then I suggest you look to improving your record-keeping.

2014-02-17 04:13 am

Song meanings

Right here, right now by Jesus Jones is not about my generation's angst at missing the '60s. It is about the fall of the Berlin Wall and end of the Soviet empire. "Watching the world wake up from history" means that we watched the Berlin Wall fall on the television; "history" meant the deadly stasis of the Cold War. "Woman on the radio talks about revolution but it has already passed her by" and the reference to Dylan is a criticism of the poor quality of news analysis offered by a media staffed by the '60s generation.

Babylon by David Gray is not a song about religion. It is a song about accepting fault for a failed relationship and striving to become a better person to get the girl. It is set in a large modern city with traffic, crowds, drugs -- a Babylon if you will. The sometimes-played third verse makes the relationship aspects more explicit and names the city as London.

And while we are at it: Royals by Lorde isn't celebrating celebrity culture. It's comparing the real life of teenagers ("we count our dollars on the train to the party") with the image of teenagers in celebrity culture ("but every song's like gold teeth, grey goose, trippin' in the bathroom"). There's also an acknowledgement of her recent success ("We're bigger than we ever dreamed... Life is great without a care") whilst still rejecting celebrity culture ("We aren't caught up in your love affair").

2013-10-30 12:09 pm

Phone numbers are not integers

Dear HSC students,

Despite what you may have been told, phone numbers are not integers. Consider the well-known phone number 000. This is not the same as the phone number 0.

Strictly phone numbers are an ordered set, each element of the set being one of ('0', '1', ..., '9').

Depending upon the application the number might be a local number (55501234), a full national number (255501234) or a full international number (61255501234). Moreover phone systems may require 'access codes' to identify the type of number (the good old "dial 9 to get an outside line"), so the dialled number may have not much to do with the phone number. This all means there may be no reliable comparison operator for phone numbers.

Phone numbers are ordered, but numbers which dial with fewer digits appear before numbers which dial with more digits (that is, a breadth-first traversal of an ordered tree).

Complicating the character set there are additional characters in the Touch Tone set: '*', '#', 'A', 'B', 'C', 'D'. There are also two signals in the Plain Old Telephone Service: pause and hook flash, traditionally written as ',' and '!'.

There is also a great deal of syntactic sugar. The most notable being '+' used to represent an international number. When dialling '+' the system substitutes the international access code (such as 0011 in Australia). Other sugar includes '(', ')', '-' and space.

The most expeditious way to represent a number is to use a string. With a reduced character set if you must, but real world programmers know that's just asking for trouble when faced with a real number like "(02) 5550 1234 ask for Jane".
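The points above as an added example, not code from the original post: the written number stays a string, a dial string is derived from it only when every character is in the sets listed above, and ordering is shortest-first. The function names and the relative order of the non-digit symbols are assumptions made for illustration.

```python
# Symbols that can actually be dialled, as listed in the post: digits, the
# extra Touch Tone keys, and the pause (',') and hook flash ('!') signals.
# The relative order of the non-digit symbols is an assumption of this example.
SYMBOL_ORDER = "0123456789*#ABCD,!"
SUGAR = set("()- ")  # written for readability, never dialled


def to_dial_string(written, intl_access_code="0011"):
    """Derive the dialled symbols from a written number.

    '+' is replaced by the international access code (0011 in Australia,
    per the post). Anything outside the listed character sets raises
    ValueError, so the caller keeps the original string untouched.
    """
    out = []
    for ch in written:
        if ch == "+":
            if out:
                raise ValueError("'+' is only meaningful at the start")
            out.append(intl_access_code)
        elif ch in SUGAR:
            continue
        elif ch in SYMBOL_ORDER:
            out.append(ch)
        else:
            raise ValueError(f"not a diallable symbol: {ch!r}")
    if not out:
        raise ValueError("nothing to dial")
    return "".join(out)


def dial_order_key(dial_string):
    """Sort key for the ordering in the post: fewer symbols first, then
    symbol by symbol (a breadth-first walk of the dialling tree)."""
    return (len(dial_string), [SYMBOL_ORDER.index(c) for c in dial_string])


if __name__ == "__main__":
    # Integer storage collapses two different numbers into one.
    print(int("000") == int("0"), to_dial_string("000") == to_dial_string("0"))
    print(to_dial_string("+61 2 5550 1234"))
    print(sorted(["55501234", "000", "0", "255501234"], key=dial_order_key))
    try:
        to_dial_string("(02) 5550 1234 ask for Jane")
    except ValueError as err:
        print("kept as free text:", err)
```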

2013-06-16 11:14 am


A difficult thing for vendors, this sponsorship of conferences and events. Ideally you want those present to go away and remember that you sponsored the conference, and to have more knowledge of your products. One way to do this is with product literature. Another way is with branded gifts. A question with gifts is if you offer them to everyone (including your potential customers) or have a lusted-after gift which you offer as a prize.

All choices are problematic. Which is why vendors so often waste their money.

But here's a few ideas:

  • Invent something everyone wants. In my field of data communications: a tape measure in Rack Units.

  • Supply something everyone didn't pack. In Seattle, an umbrella. In Adelaide, a hat. A purpose-made map of the town showing the geek highlights. Tickets to a local production of one of Terry Pratchett's Discworld books.

  • Play to your strengths. When in Adelaide, give wine or food. Pack it so it will travel, label the package so that people can fill in their customs and quarantine forms correctly.

  • Explain your product. Forget the brochures. Take a room near the conference, set a time after the main events, offer drinks and nibbles, and get one of your presentable technical staff to explain how the thing works. Have the product on hand. Not just one, but several, with at least one disassembled (use clear plastic covers if you must). If it's cheap then raffle one off to the attendees. Get your sales staff to mingle and work their magic.

2008-06-20 08:24 pm


These guys are starting to get on my nerves.

Their plagiarism page has a pie chart with this data. Elsewhere on the site they say this data comes from their corpus of plagiarised papers.

How students plagiarize

Entire paper copied 1.00%
Significant plagiarism 29.00%
No plagiarism 70.00%

Now what are the odds of the two data points ending on an exact percentage? One in 10,000. So there's a 9,999 in 10,000 chance that the figures are not exact to the degree to which they are presented. That's either sloppiness or academic misconduct (claiming a quality of result not supported by the data).

There is also a category missing. Surely some 0.01% or more of the papers can't be categorised as plagiarised or not?

What are the odds of the convenient 70%/30% split between no/yes plagiarism? Remember this data is claimed to be from real life, not marketing.

A stunning hypocrisy from a site claiming to be opposed to academic misconduct.

2008-02-14 04:37 pm

Global warming options closing down to worryingly few

Two of the options for dealing with global warming have run up against walls this week.

The cancellation of the development of the FutureGen clean coal power plant is the end of clean coal as an option for electricity generation.

Science carries a paper on the carbon costs of ethanol-as-fuel showing that this will increase emitted carbon. This surprising result is because ethanol crops force food crops into more marginal soils, and the benefits from ethanol can't make up for the additional carbon needed for the less efficient food production and distribution. Worse still, the falling efficiency of food production leads to starvation in some low income farming countries if biofuels are used within the US at the level at which fossil fuels are currently used.

None of this is happy news. Remaining viable options are: a radical reduction in the consumption of energy, solar, and nuclear (and it's unclear if nuclear will remain on the list, as there's been some scientific bastardry in studies of the carbon life cycle in nuclear power generation and we'll need to wait for GW Bush to leave office for the results). It also marks the end of the viability of the car. It's unlikely that this scale of social change is achievable in the time required to avoid large environmentally-caused catastrophes.

2007-12-31 11:00 pm

Light bulbs

At a party some bore said that compact fluorescent lamps use more energy across their lifetime than incandescent lamps. I wasn't going to argue with someone with such a startling lack of economic thinking, but the view seems surprisingly widespread.

Let's start simply. After purchase the fluorescent uses 8W, the incandescent uses 60W. The fluorescent lasts longer than the incandescent. So the fluorescent uses less energy after purchase.

Prior to purchase the more complex fluorescent is going to use more energy to manufacture, but how much more? Well, energy isn't a free resource, so in a free market the energy used to create the good is included in the price of the good. So, the fluorescent uses less than $3 in energy, the incandescent less than $0.10. So the fluorescent has to save $2.90 across its operating life to make up for the additional energy taken to create it, which it does.

That leaves us with two externalities. Pollution generated during the manufacture of the fluorescent and pollution generated by the disposal of the fluorescent. My guess, for which I have no proof, is that the costs to the community of these two externalities do not differ by 30x between the incandescent and the fluorescent, which is what it would take to change the superiority of the fluorescent.

Updated: spelling corrected

2007-12-31 08:24 pm

RIAA and iPod

It had to happen and it finally has. RIAA are suing an individual for copying a track from a CD they bought to a PC. The legal uncertainty which allows this to happen is the downside of the fair use approach to copyright legislation, which lists principles of when the reproduction of works is allowed without a license.

What we have in Australia is fair dealing, a black letter law where each exemption from obtaining a copyright license is clearly defined. Making one copy of a CD track to place on your MP3 player is one of the actions listed.

Anyone who has used iTunes will notice the drafting error -- "one copy". iTunes makes two copies -- one is stored on the computer and one is stored on the iPod. Everyone who uses iTunes to copy CD tracks is breaching copyright. You need to rip the track directly to the MP3 player, something iTunes does not allow.

All of this is particularly ironic, since iTunes works the way it does to limit unauthorised music copying. If you use your iPod like a USB disk to copy tracks from your friends' iPods then iTunes deletes those tracks when you reconnect the iPod back at home.

The Australian Copyright Act is also deficient because it fails to acknowledge that many CDs are shared property -- belonging to a household rather than to an individual. If a mother and daughter both rip the same CD then one of them has broken the law. Makes you wonder about the private life of politicians, who use the words "family friendly" but can't imagine how their legislation might translate to actions within the home (are we expected to put stickers on CDs saying "E ripped this -- hands off"?).

I think the small reforms to the Copyright Act concerning MP3 players were designed to prevent a community backlash when an organisation like MIPI prosecutes some unfortunate individual. Unfortunately, these two drafting errors leave the MIPIs of this world plenty of scope to generate embarrassment for politicians and ruin for individuals.

2007-12-28 04:29 am

US petrol prices explain a lot

New Hampshire gasoline: US$3.00 per US gallon, which is $A0.90 per litre. Adelaide petrol: A$1.42 per litre.

2007-12-27 10:47 pm

Qantas and lost luggage

A month ago I landed at Adelaide, on a direct flight from Canberra, and my bags had gone somewhere else. Virgin Blue gave me a call that evening and I had my bags by mid-morning.

Ten days ago my daughter landed at Adelaide, on a direct flight from Canberra, and her bags had gone somewhere else. Qantas gave us a reference number and a phone number to call in the morning.

That reference number calls up a record on a "Global Tracker" web site. It is a database record containing a description of the bag, the flight, and where to deliver the bag when it is found.

Now the bad news, when you call the phone number, Qantas simply read that screen back to you and tell you to keep waiting. You can ring the Baggage Services at the various airports directly, but they don't answer the phone in Sydney or Canberra and don't return answering machine messages in Adelaide. I went to the Adelaide airport and chatted to the baggage people, who searched for the bag. I asked if the same could be done in Canberra and Sydney, but they had the same contact numbers I had and couldn't get anyone to answer either.

Unless there is a miracle my daughter will never see that bag again. Qantas do offer some money after three weeks. But of course that's not much use in replacing the Learner Driver's Log Book (it turns out that if you lose this, in whatever way, you simply have to start over) or her own-made dresses.

The lesson would seem to be twofold. Firstly, don't trust the airline with your luggage. Hard advice considering the increasing restrictions on airline cabin baggage.

Secondly, mark your bag so obviously even Blind Freddy can spot it a mile away. If you describe your bag as "purple with diagonal yellow stripe" then it's not going to end up ignored in some corner like my daughter's brown suitcase.

And do put your name and mobile number on the luggage tag. Otherwise the airline just tries to match the description of the bag on the database with the description of found bags. That's bad news, since if the finder of the bag misdescribes it (maybe they don't notice the zipper) then it will never match the database entry for the lost bag.

2007-11-29 02:43 pm

Mungo Maccallum

One of the greatest political writers in the country has been writing for his local newspaper. Political corrections. He's never been very impressed by John Howard, treasurer or prime minister. Nor Peter Costello:

But if Howard was wrong about most things, he at least got Peter Costello right.

For eleven years the man sat there drooling, lusting after the leadership of his party, talking up a storm to his credulous colleagues, plotting with sycophants, sending out his dwarfish messenger Glenn Milne to relate improbable stories of his talent and support. He never actually had the guts to do anything about it, but by golly he let it be known that when the opportunity came, he would show us all.

And when his party was not only ready to offer him the prize, was indeed in real need of his services, Costello spat the dummy right out of the ground. Prime Minister, with all the trappings of office and all the resources of government, would be just fine; but leader of the opposition, the challenge Kevin Rudd took on at precisely Costello’s age before sweeping to victory in less than a year, looked just a little too much like hard work. Poor Petey-pie, too old at fifty, too lazy at any time.

Mungo's skill is to take what we all know, but to write it out so clearly that it seems new.

2007-11-29 01:07 am


It all looks so easy, fill in a structure of the packets you want to see:

memset(&helper, 0, sizeof(struct nf_conntrack_helper));
/* Information about this conntrack module. */
helper.name = "skinny";
helper.me = THIS_MODULE;
helper.help = skinny_conntrack_helper;
helper.max_expected = 1;
helper.timeout = 0;
/* Send all Skinny packets to this conntrack module. */
helper.tuple.src.l3num = AF_INET;
helper.tuple.dst.protonum = IPPROTO_TCP;
helper.tuple.dst.u.tcp.port = htons(2000);

and then kick it off

ret = nf_conntrack_helper_register(&helper);

Now skinny_conntrack_helper() should be called for each TCP packet on port 2000. But it's not, it's called for almost anything but. The registration comes with a mask option, so I use that too, even though few of the kernel conntrack modules use masks (if so, how do they work? Do they work?)

helper.mask.dst.protonum = 0xff;
helper.mask.src.l3num = 0xffff;
helper.mask.dst.u.tcp.port = __constant_htons(0xffff);

No difference. Sigh. I'd love some up-to-date documentation at this point. But that appears to be too much to hope for. "Use the code Luke" is just confusion, since practice there seems contradictory. And I've wasted a whole evening over this, sigh.

2007-11-27 09:54 am

Cisco and me

Having used Cisco Systems' code in my examples at the IPv6 Summit some people think I am anti-Cisco or something. That's absolutely not so. The reason I used their code was simply because I know and trust them.

I know that they hate having shortcomings in their software and that the LART will be wielded internally to make those go away.

I trust them that I can point these out in a public forum without Cisco people becoming upset. They have been in the industry long enough to know that not everything works as you would hope.

I could name manufacturers where neither of these points apply. Vendors whose name I would hesitate to name in public, whose configuration extracts I would never use in a public forum. [And no, I don't mean J or F]

Cisco are remarkably open, something they get far too little credit for. The networking world is full of manufacturers who have password-protected access to basics like documentation; who don't give customers access to bug databases; who monitor forums and delete threads that are the least bit critical.

That behaviour has set a good benchmark for their major competitors too. Juniper's early restriction of access to manuals and other materials has been removed and the access pretty much parallels that of Cisco's web site.

2007-11-26 10:54 am

Cisco can't do physical design

I do wish Cisco would hire some decent mechanical engineers. Yes, I know they left and went to Juniper, but you've had a few years now to recruit some more.

Had an ECC error on a 6509-NEBS card, these are sticky errors and the card needs a power restart to get rid of them (and thus determine if they are random or not). Any other manufacturer I could drop the power to the card from the command line, but Cisco are "friendlier" to enterprise customers than that and I need to physically eject the card.

When I reinsert it the box reboots. WTF! Turns out this is a known flaw in the chassis design -- push the top end of the card in first. Nowhere is this mentioned in the documentation. Nor was it pointed out by the Technical Assistance Centre staffer who asked for the card to be reinserted -- rather that person was upset that I'd kept the task open whilst arranging a 3AM slot for hazardous work, saying that it was risk free and could be done at any time. [This is typical behaviour for the TAC, they get a task into Customer-Pend as quickly as possible under almost any pretext; then they try to close it within a few days, no matter what the actual state on the ground.] Hmmm.

Rang the TAC manager to bitch. They simply aren't interested. Cisco staff seem to think that a spontaneous reboot on a physical event isn't unreasonable. Very much like the early days of Windows when people came to ignore operating system crashes as just part of the whole computing experience rather than as an engineering failure.

2007-11-17 02:21 pm

Left wing university staff

Tim wonders why university staff are nearly all left wing. Take a person, they do a job helping others and the community when they could be making money (in my field the salary of a uni lecturer is about half the going rate of the same expertise applied to business). That role naturally attracts people with left wing beliefs of the greater good of the nation.

2007-11-17 09:49 am

AusKick, you suck

The AFL runs a football programme for kids. If you have a (a) 6 year old or (b) girl then don't bother. If you have (a) and (b) then take her to netball instead.

This isn't about the qualities of the respective sports. I'm sure aussie rules could be adapted to young kids. This is about the aims of the sport's administrators and the quality of the events.

AusKick claims to have a programme for 6yos: that's a lie, they can go to training but can't play a game. Really motivating that! The training is a farce, the 6yos run around with 10yos; that is, small kids running with kids twice their speed and with a much better tactical sense. The small kids never get a look in.

Netball has teams by age: 6yo kids play 6yo kids. Yes, they are all hopeless. But they all get a chance to play and the nature of the game is that every position has to pass the ball. The emphasis of the coaches is that everyone gets to participate, everyone contributes as best they can.

I think the difference in the experience of the small kids comes straight from the aims of the administrators. The AFL is not interested in 6yos and it's not interested in girls -- it is the richest sport in Australia but also the only sport in Australia without a national women's competition. Netball's administrators just want to have kids playing the game. And this difference shows on the sportground on a weekday afternoon.