Heading off to Brussels for FOSDEM
I'm in the middle of my final travel preparations for Brussels (European
Commission and FOSDEM, see the weblog backlog), and was just reading through th e final conference programme.
It's good to see familiar kernel developers like Alan Cox and Deepak Saxena
(whom I've last met at Linux Bangalore in December). I'm also looking forward
to meet some Ethereal guys (after writing an ct_sync ethereal plugin recently).
Of course there's also the gnomemeeting guys, who will be eager to hear some
answers about how to get or not get h323 throug a netfilter/iptables firewall
(STUN doesn't help, it's fully symmetric NAT). Not sure if I'll have answers, though ;)
[ |
permanent link ]
Robert Olsson achieves new record of 2.1Mpps packet forwarding rate
Robert Olsson is doing very insightful high-performance networking research
on Linux-based machines for many years. Little people know his huge collection
of ASCII-snippets at
http://robur.slu.se/Linux/net-development/experiments/.
It's a real pity that he's basically doing all this research in his spare time,
being a systems administrator at university. Intel and others should actually look at that and fund his invaluable research!
Recently he achieved
2.1Mpps aggregated packet forwarding rate over four Gigabit Ethernet ports
using a Dual 2.4GHz Opteron 250 machine with a specially optimized NAPI driver
patch.
Another interesting graph (almost one year old) compares
the memory latency on Xeon vs. Opteron. Looking at the results, you will
understand that really want to get Opteron CPU's with integrated memory
controller if you care about network forwarding performance :)
Please note that this number is under very synthetic conditions only. This is
single-flow UDP performance, so any routing cache misses / fib lookups are not
yet in the picture. Also, due to the stupid nature of _all_ Ethernet cards, we have to do IRQ affinity and thus only achieve highest performance on the two interface pairs that are bound to the same IRQ.
[ /linux |
permanent link ]
Yay, holidays coming up
I'm already in travel preparation mode. Buying the last couple of gifts,
shutting down servers that I won't need, writing packing lists, and wading
through the remaining two A4 pages of TODO items for the remaining four days.
I'm going to have three weeks of holidays. Contiguously. Not attached to any
conference or other FOSS related event. At least two weeks of it without
touching a notebook or PDA. I have no idea when I last did that. Probably
while I still was with the boyscouts.
Well, yes, I will meet some hackers in the first couple of days, but those have
become friends, and meeting will be strictly off-duty ;)
Elisabeth and me are heading for three weeks of Southern India. It has been
suggested to me that details are not to be revealed beforehand, otherwise LUG
members might approach me for giving speeches/talks/presentations. Not this
time, sorry folks.
I only wish it had already started, and the next four days of TODO bashing had
already passed...
[ /personal |
permanent link ]
European Commission invited me to Present on the Subject of GPL Enforcement
I have the honor of presenting about my GPL enforcement efforts at the European
Commission. No further details yet, I'll provide more informations ASAP.
The most interesting part is why are they interested, what is the intention of
their interest, what kind of people will be listening to the presentation.
[ /linux/gpl-violations |
permanent link ]
Demonstration against Software Patents at the German Ministry of Justice
Yesterday, I was attending the demonstration against software patents at the ministry of justice in Berlin.
This demonstration had to be called in on very short notice, because the
European Council has yet again tried to quietly pass the legislation on
software patentes (2002/0047 COM (COD)) as so-called 'B-item' on the agenda of
the council (toe be more precise: the agriculture and fishing council). A
B-item is one that requires no further discussion - which is absolutely wrong.
The European Union has new member states that didn't participate in the
previous discussion, and several member countries' parliaments have made decisions against patentability of software meanwhile...
[ /politics/swpat |
permanent link ]
A really big Bollywood fan
Since there's a severe lack of non-technical subjects in this blog, I decided
to write something about a passion of mine that developed over the last two
years: Bollywood Movies.
Most German readers of this blog will probably not have heard about Bollywood
before, it's India's mainstream Hindi cinema, from Mumbai aka Bombay (guess
that's where the 'B' is coming from).
Unfortunately Bollywood DVD's with English subtitles are very hard to get here
in Germany, so I've had to order the initial couple of movies from Canadian
NRI-oriented mail orders.
More recently, my friend Atul Chitnis
was kind enough to bring a stack of DVD's every time he travelled to Germany - despite his personal dislike of Bollywood cinema. Thanks again, Atul.
Since a very short time ago, I also know DesiTorrents, a forum related to all kinds of Indian cinema, music, music videos, ...
Now you will ask yourself, "hey, isn't that the same guy who prosecutes
copyright infringers?". Yes, it is. However, I have no way of legally obtaining
the DVD's of the respective movies over here. I haven't found even a single
DVD mail order specializing in those DVD's within .de. And ordering from abroad
is very impractical, due to the high cost of shipping, and even more due the
complicated customs procedure here in Germany.
So as soon as anyone can point me to a less problematic source of desi movies
here in Germany, I'll immediately stop using DesiTorrents!
[ /personal/bollywood |
permanent link ]
Implemented import/export and filter-list filters for ospf6d
Recently my IPv6 setup became a bit more complicated, since I now have two
sites with native IPv6 connectivity and two sites with tunnels, three in
production prefix space and one still 3ffe. They're all connected via OpenVPN
tunnels, and I _really_ need incoming and outgoing filtering of OSPFv4 LSA's, especially since one of the networks originate a default route.
The (new) opsf6d code has a completely different architecture than the ospfd,
so I'm not really sure whether I understood it enough to put the filtering code
in the right place.
Just submitted the patch to the quagga-dev mailinglist, let's see what they say
[ /linux |
permanent link ]
Dynamic port assignment of conntrack helper
I've coded a patch against 2.6.11-rc4 that allows dynamic (re-)configuration of
the port assignment of connection tracking helpers. This has been a TODO item
for at least three years on my TODO list ;)
[ /linux/netfilter |
permanent link ]
[ /linux/netfilter |
permanent link ]
Porting patch-o-matic-ng to 2.6.11
Rusty's recent changes to the conntrack/nat helper API in 2.6.11-rcX have
rendered all conntrack/nat helpers in pom-ng unusable.
I've created a new svn 2.6.11 pom-ng branch and started porting of all the helpers in there. The opportunity was also good to port all the 2.4.x only helpers to 2.6.x, so we won't have the big gap between 2.4.x and 2.6.x supported helpers.
I expect this to take a couple of days, and even after that, for most protocols
I have no opportunity to test (proprietary protocols, proprietary software,
...), so I'll have to rely on your feedback.
[ /linux/netfilter |
permanent link ]
Ulogd 1.20 release
After applying lots of updates that have accumulated in the last months, I've
released ulogd-1.20. Changes
include dozens of fixes and a new PCAP and SQLITE3 output plugin.
This will probably the last new-feature release for 1.x, since I'm already working on 2.x with included support for flow-based (ct_acct) logging.
[ /linux/netfilter |
permanent link ]
Gnuradio / USRP: Software Defined Radio for everyone
As some of you may know, I've recently started to get more into electronics
(again). It's been more than seven year since I finished my training as
radio communications technician :)
Anyway, I wanted to do some research with regard to passive RFID sniffing, DECT
(in)security and other subjects. You can build digital receivers the
old-fashioned way: RF, Oscillator, Amplifier, Mixer, IF and Demodulator in
hardware. This is what we all know and love ;)
However, recently so-called "software defined radios", a technology that was
only available for government services and military (aka big money), are
becoming cheaper and cheaper. Software defined radios take the complex IF
signal and digitize it with high-speed A/D converters. All demodulation or other further processing can be done by signal processing software on the PC.
To my very big surprise, the Gnuradio
project is already providing a very flexible python-scriptable software for
doing such processing. Available code for demodulation is still quite limited
(e.g. no FM stereo decoding, and only very preliminary NTSC b/w decoding). But
well, this is just a matter of time.
What's even more interesting is the USRP (Universal
Software Radio Peripheral), basically a USB2-connected FPGA-board with
high-speed ADC and DAC's. It's available for less than 500EUR, so I immediately
had to buy one. It hasn't yet arrived (shipping from the US), but maybe that's actually better... since experimenting with it will definitely occupy a lot of time that I don't really have :(
[ /linux |
permanent link ]
Some more ct_sync fixes
The latest bug (endless loop) was caused by one of my last bugfixes.
Apparently I introduced an endless loop into a linked list (the nat bysource hash).
[ /linux/netfilter/ct_sync |
permanent link ]
|
