Recently, I ran into some folks from the VMware Research group and we began talking about some of the work they have been doing toward NUMA aware data structures. Their team published a paper in ASPLOS 2017 detailing a tool that could make any data structure NUMA aware, with nice cache and memory locality properties … [Read more…]
Recently, the self-signed certificates that I use for Postfix / Dovecot on my mailserver expired and I decided to try using Lets Encrypt to obtain certificates for them. Lets Encrypt is a fully trusted free Certificate Authority developed by a consortium of organizations to promote a more secure internet. I particularly like the fact that … [Read more…]
I use ddclient to update my dynamic IP address which is assigned by Comcast. This is the gist for the ddclient configuration: # Configuration file for ddclient generated by debconf # # /etc/ddclient.conf daemon=5m syslog=yes use=if, if=eth0 ssl=yes use=web, web=myip.dnsomatic.com protocol=freedns login=abcd password=’CENSORED’ asrivas.me www.asrivas.me mailserver.asrivas.me
Recently, there have been some interesting discussions at work going on around the correctness of system critical code and how memory barriers actually operate on x86. This is a very poorly understood concept mainly due to the ambiguity of the Intel / AMD manuals on the subject. x86 has a much stronger memory model than … [Read more…]
If the worst outcome of trying to upgrade the router firmware is that you might brick it, surely the second worst is when your wife is unable to connect to her VPN when a work emergency demands it. Late on Monday night, Aish sat down to get some work done for a presentation she had the next day … [Read more…]
I have had the TP-Link Archer C7 wireless router for a few months now. Although the hardware in this router is great bang-for-buck, the stock firmware leaves much to be desired. I run a number of servers out of my homelab which requires the router to be configured with port based NAT rules. I found … [Read more…]
Sender Policy Framework (SPF) allows receiving mail servers to authenticate whether the SMTP server originating the email is authorized to send email for the domain. Most email servers will check if the SPF record for a domain exists and if it doesn’t, there are chances that the email can get flagged as spam. Until recently, … [Read more…]
Email (internet messaging) has been around for almost as long as the internet itself. SMTP (Simple Mail Transfer Protocol) allows for designing email systems that are open, non-federated and distributed across the internet. Unfortunately, the architects of this system did not foresee how email spam, trojans, worms and computer viruses would make life miserable for … [Read more…]
Logical volumes allow for flexibility of resizing system partitions on the fly without any downtime. This is a pretty nice feature to have in Guest OS since one does not have to worry too much about allocating the right amount of disk upfront. In a previous life, I have spent many a waking hour reinstalling … [Read more…]
Unbound is a validating, recursive, and caching DNS resolver written in C and much more lightweight than its predecessor, BIND. It was developed with a focus on security and an assumption that every host it interacts with could be malicious. BIND, in comparison, has become too bloated, slow and complicated to maintain. I expect to … [Read more…]