new home page!

Check the new home page at blacka.com! Up until now, this page was about as boring as possible. In fact, I don’t know if anyone ever went there intentionally. But now it has a snazzy new look, designed by my sister.

All of the photos are mine (well, taken with my camera, anyway). They represent a somewhat random sample of my meager photo collection. Mmmm, I should take more photos…

DNS: DNAME is useless

DNAME, if you are not aware, is a DNS record type defined in RFC 2672. If you are familiar with the DNS’s CNAME record, then think of DNAME as a sort of super CNAME. If not, well, I’ll try to explain how DNAME works.

A Brief DNAME Tutorial

Whereas CNAME is used to alias a single domain name to another, DNAME aliases an entire subtree to another. It accomplishes this in one of two ways: either it acts as a CNAME generator, or it is understood by the client and the client implements the same behavior without all the generated CNAMEs.

So, some examples. Imagine that this record exists in its proper place in the DNS:

www.bar.com IN CNAME www.foo.com.

This means that queries for www.bar.com, of any type (A, AAAA, MX, etc.) will get aliased to the same query for www.foo.com. But queries for mail.bar.com (for example) do not. Nor do queries for yyy.www.bar.com. Now imagine a similar usage of DNAME:

bar.com IN DNAME foo.com.

Now, the DNAME record will synthesize a CNAME for any query below bar.com. A query for www.bar.com will get aliased to www.foo.com. mail.bar.com will be aliased to mail.foo.com. x.y.a.b.c.bar.com will be aliased to x.y.a.b.c.foo.com. Everything. But, queries for bar.com won’t be aliased at all. DNAME only matches below the name, not at the name.

All in all, a pretty clever idea.

Using DNAME to Create IDN TLDs

So, let’s think of some ways that DNAME might be used. One idea that has been bandied about is to create IDN aliases for TLDs. So, for example, imagine a DNAME that maps ‘xn--c4m’ (somebody feel free to suggest a real punycoded com equivalent) to ‘com’:

xn--c4m. IN DNAME com.

The idea being that while the world wants native language versions of com, net, etc, the world doesn’t actually want them to be new TLDs (where amazon.xn--c4m could be different than amazon.com.) So, using DNAME in this way looks great—somebody who registered xn--b7r.com now gets to advertise their domain as bår.cøm (or whatever—I’m too lazy to actually use real unicode here, people). When somebody queries for www.bår.cøm, this gets converted to www.xn--b7r.xn--c4m IN CNAME www.xn--b7r.com. Not bad, not bad at all. However, what happens when the owner of xn--b7r.com starts thinking of his domain as actually “xn--b7r.xn--c4m” (or bår.cøm, since people don’t actually think in punycode…), and creates a subdomain:

xn--su9b.xn--b7r.com. IN NS ns1.xn--b7r.xn--c4m.
xn--su9b.xn--b7r.com. IN NS ns2.xn--b7r.xn--c4m.

Well, what happens is that this delegation actually doesn’t work. And it doesn’t work because ns1.xn--b7r.xn--c4m doesn’t actually exist as a name in the DNS. Instead, it gets converted into a CNAME, and NS record targets cannot be CNAMEs. (This is pointed out in RFC 2181, but the real point is that resolvers won’t generally handle this case.) Note that it isn’t that the owner can’t have subdomains. It is that he can’t use the IDN TLD version of his domain the same way as the real one. So, the DNAME based IDN TLD is a second-class citizen, and will probably lead to operational problems as end users fail to realize that this IDN TLD isn’t actually a real TLD, and what the consequences of that are.
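The substitution rule from the tutorial and the NS-target problem just described, as an added example (not code from the original post or from any DNS server). The function names are hypothetical, names are handled in presentation format without escape sequences, and the length check uses the 255-octet wire-format limit on a domain name.

```python
MAX_NAME_OCTETS = 255  # DNS wire-format limit on a whole domain name


def labels(name):
    """Lowercased labels of a presentation-format name (escapes not handled)."""
    name = name.rstrip(".").lower()
    return name.split(".") if name else []


def wire_length(lbls):
    # One length octet per label, plus the zero octet for the root.
    return sum(len(l) + 1 for l in lbls) + 1


def dname_rewrite(qname, owner, target):
    """Name that qname is aliased to by `owner DNAME target`, or None.

    Raises ValueError when the rewritten name exceeds the name-length
    limit, the case RFC 2672 answers with YXDOMAIN.
    """
    q, o, t = labels(qname), labels(owner), labels(target)
    # Applies only strictly below the owner, compared label by label,
    # so neither bar.com itself nor www.foobar.com matches bar.com.
    if len(q) <= len(o) or q[len(q) - len(o):] != o:
        return None
    rewritten = q[:len(q) - len(o)] + t
    if wire_length(rewritten) > MAX_NAME_OCTETS:
        raise ValueError("rewritten name too long (YXDOMAIN)")
    return ".".join(rewritten) + "."


def aliased_ns_targets(ns_targets, dnames):
    """NS targets that sit below a DNAME, mapped to the name they alias to.

    Each of these is answered with a synthesized CNAME, so it cannot
    serve as an NS target; the value is the name after substitution.
    """
    findings = {}
    for ns in ns_targets:
        for owner, target in dnames.items():
            real = dname_rewrite(ns, owner, target)
            if real is not None:
                findings[ns] = real
                break
    return findings


if __name__ == "__main__":
    # Records taken from the post's own examples.
    print(dname_rewrite("www.bar.com.", "bar.com.", "foo.com."))
    print(dname_rewrite("bar.com.", "bar.com.", "foo.com."))
    print(aliased_ns_targets(
        ["ns1.xn--b7r.xn--c4m.", "ns2.xn--b7r.xn--c4m."],
        {"xn--c4m.": "com."}))
```

Running the NS check over a zone's delegations before publishing them catches targets written under the alias TLD.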

Using DNAMEs for Variants

OK, so how about another potential use, instantiating IDN variants? This is slightly different from the case above in that the idea here is to create aliases to existing second level domains as a courtesy. It isn’t really nearly as likely that someone down the road will mistake the DNAME for a real name—this is just to help people who enter a variant get to the right place.

Actually, this idea isn’t really about IDN variants at all. Imagine that you have a bunch of domains of which one is the “real” one, and the rest were just registered to keep other jackasses from registering them and defaming you. Or just registered because people might try to find you under the other domains. For an example, let’s imagine that Amazon has amazon.com (the main zone), amazon.co.uk, and amazonsucks.com, all of which Amazon wants to behave the same. Instead of maintaining a bunch of copies of the amazon.com zone, couldn’t you just leave one “real” and have the rest be DNAMEs? This would make managing these copies so much easier, wouldn’t it?

Well, yes, but…. Since the DNAME doesn’t match at itself, you haven’t aliased the entire zone, since you haven’t aliased the name “amazon.com” itself. Alas, there are always critical records stored at the apex. At the very least, an MX record. So, you haven’t really saved yourself much work, since you will (most likely) have to manage the variant zones anyway, just to keep the zone apex in sync.

Another way to accomplish this task is to use the same zone file for all of the variants. BIND, at least, makes this easy: just make sure that everything in the zone is relative to the “origin”. When the file is loaded against different zones, the origin will be set to each zone in turn. (This is a bit like using all relative paths in your HTML and then having the freedom to move the pages around without changing the HTML.)

The Good News

So what is DNAME good for? The canonical use for DNAME is to move zones around in the reverse tree, typically for renumbering. This works better, because the zone apexes in the reverse tree aren’t used much (or at all). It is also useful (although not perfect) in cases where you do not control the zone that you wish to mirror.

I won’t say that DNAME is completely useless—a few people have certainly successfully used it. But, it doesn’t work adequately in situations where no other good solutions exist (IDN TLDs), and even where it does work, there is always another way to accomplish the same thing that, generally, isn’t much more work.

Also, that it has been around for six years and hasn’t seen any sort of widespread use is, at least, an indication that DNAME doesn’t solve any pressing problem.

On hold with FiOS TV…

Ever since I sprung for the (awesome) TiVo Series 3, getting two CableCARDs (and digital cable) for it has been on my “to do” list. I’d been avoiding it because of the various horror stories that I’d read about during the Series 3 launch.

I figured I would give the cable companies time to come to grips with the new demand for CableCARDs. So, earlier this month, I figured enough time had passed, and I called Verizon to order the CableCARDs and ditch the (long since unplugged) DVR/cable box.

Note that to call Verizon and get anything useful done, you essentially have to call them during business hours. Otherwise you get stuck in their maddening voice response system. So I finally remember to call them during business hours, and after being transferred a few times, actually get to tell someone what I want: 2 CableCARDs for a TiVo. I get scheduled for 11/14. So I work from home that day. Even though it takes me most of the morning to stop swearing at my work laptop, I actually am pretty productive. However, after 3 pm (you know, long after the point where you could have salvaged your day), the Verizon tech calls and informs me both that he doesn’t know what I need, and when I tell him, that he doesn’t have CableCARDs on the truck, so he can’t get to me. Grr.

I reschedule with him for Friday. I call Verizon directly to try and connect all the dots. This is futile. That is, it appears to work, but, as you will soon see, it doesn’t work.

I spend Friday actually on vacation, but feel trapped in the house, since I have zero idea when the techs will arrive. It turns out, I needn’t have bothered. By 3:30, no one has showed, so I call the 1-800 number that I have. I’m informed of something to the effect that the order was screwed up, and could they try again on Monday (today). “Sure,” I say, already pretty annoyed. I was going to be home anyway (more vacation time). I also meant to call them in the morning to find out if anyone driving a Verizon truck even knew about me, but I forget.

Fast forward to now. Around 4, once it is somewhat clear that once again no one was going to come, I call again. This time, the human on the other end is a bit aghast at how screwed up my order is. She calls the dispatcher (this has happened every time I’ve called, except the first time, actually), and eventually tells me that all she can do is escalate. About 30 minutes later, someone from Verizon calls (apparently this is the escalation), and essentially, puts me on hold. Whee!

Currently, I’m yet again scheduled for tomorrow (11/21), this time for the morning (i.e., not an all day window). My decision tree now looks like this: If techs arrive without CableCARDs, they get to take the DVR with them, and I cancel FiOS TV. They are fired. If they arrive with CableCARDs and they work, then they remain hired. If they do not arrive, I stop asking for CableCARDs, and just tell them to cancel, they are fired.

I actually have no reason to believe that getting CableCARDs from Comcast (my other choice — I feel lucky that I even have one) will be smooth, but it is possible that they will, at least, know how to enter an appointment into their system.

Update: SUCCESS! At the outer edge of the installation window (8am to 11am), an installer came and the TiVo is now working with 2 CableCARDs. w00t!

It was harder than it should have been because, at first, the TiVo weirded out, and I had to remove the card and reboot. Next, the installer was unable to initialize the cards via his fairly nifty ruggedized laptop with built-in EV-DO due to some sort of (office-side) configuration issue. After making a few phone calls to find the right person, he got someone on the phone who could initialize the cards, and it was fairly smooth sailing from there on out.

About 40 minutes after that, I’ve re-run “guided setup” on the TiVo, and deleted all of the duplicate, Spanish-language, and stupid channels.

Sushi Theory

A few weeks ago, I went to dinner with a coworker of mine, George. George is the most serious connoisseur of sushi that I’ve ever met (not counting sushi chefs themselves). We just went to the sushi place across the street, but George has developed a relationship with one of the chefs there, and that transformed the experience into something different.

For one thing, this was the first time I saw someone hand-annotate the a la carte sushi menu to request a combination of sashimi, sushi, and hand rolls. Plus, we wrote in a sushi roll that wasn’t on the menu. A whole new world!

Afterwards, George and I discussed our various theories of what consisted of levels, or dividing lines between various sushi eaters. First, I present my general theory of sushi diner progression:

  1. Cooked sushi. Basically california rolls, cucumber rolls, and the like.
  2. Raw fish (not sashimi). This starts with tuna and salmon and progresses from there.
  3. Differently textured raw seafood. Octopus, squid, clam, flying fish roe.
  4. Sashimi.
  5. Salmon roe.
  6. Uni.
  7. Fried shrimp heads.

Basically, this is a progression from the familiar to the unfamiliar in the American palate. Obviously, it isn’t a hard and fast progression, but it roughly corresponds to my own progression and to that of other friends that I’ve seen. YMMV.

George basically agreed with my theory, but insisted that it was only half the picture. The key, he said, was saba (mackerel). Now, in my progression, typical Americans will eat saba fairly early on — it is just another form of raw fish, after all. But they won’t like it. But once it becomes your favorite, and you can convince the sushi chef that it is your favorite, then the relationship with the sushi chef changes, and they start to take you seriously. Saba is apparently the first step to the Japanese sushi progression.

We had saba (sashimi) that night, and I have to admit, I thought it was pretty good. Of course, we started the meal with the fried shrimp heads.

New toy

My new toy arrived about a week ahead of schedule:

Img 0379-1

(It is the thing on the bottom. Above it is the old toy that this thing is replacing).

I apologize for the horrible photo. I’ll try to get a better one when I can photograph during the day. Well, at least a less gloomy day.

Anyway, I bought a TiVo Series 3 to replace my aging (6+ years old!) series 1 TiVo. Of course, my series 1 still works and I was still using it, but I became gripped by The Fear, so I’ve gone ahead and replaced it.

It is probably mostly that I’ve switched from a series 1, which hasn’t had a software update in 5 years, but I love this new TiVo. I don’t have it hooked up to the digital cable yet, however, so there is more exploration of this thing to do.

Update: I have at least ordered CableCards from Verizon, so I may be able to get my TiVo to realize its full potential. The cards will apparently be $2.95 per month, each.

Warning! Do not pay your cable company $20,000

… like I did, by accident.

I had gotten a wee bit behind on paying my cable bill. This might be because I’m on the cusp of canceling the service, but that doesn’t really matter. So, I go to my online bank and pay my now 60-day overdue cable bill via the online bill pay feature. Ah, the perils of online bill pay. Somehow, instead of paying Comcast $204.98, I pay them $20498.00. No doubt a typo, but who can say for certain? Of course, I actually have enough money in this account to actually pay this, although just barely.

I actually don’t notice this error until one of my repeating, auto-scheduled payments (my mortgage payment, actually), miserably fails due to lack of funds, some 16 days later. “Whaaa?” I think to myself. “How the hell could this happen?” I log on to the bank’s website, and pretty much immediately notice the giant sum of money going to the cable company.

So, I call the bank. They are understanding, but cannot actually do anything. They tell me that I must talk to Comcast to get anything done. So I call Comcast. Somehow, I still owe them money. In fact, it looks like my $20k never got there. Ok, so where the hell is it? If it isn’t at my bank, nor at Comcast, is it lost in the ether? After explaining my problem to the poor guy at the Comcast call center, he informs me that in his experience, they reject payments of over $500. I admit that sounds like a good idea, but reiterate that my money is actually missing. I get escalated.

This is where the story might make an unexpected turn for some of you. I actually get escalated to someone in the finance department of the particular Comcast unit that I deal with. I.e., someone local. A real human. Actually, a very nice person named Sharon. I have a chat with her about my problem, and she promises to do what she can, but needs some sort of evidence of this event to start. Fair enough. I fax her a bank statement, and the actual page from the online billing portion showing the payment. I call the bank again to see if they can help. They promise to send more information to Comcast, using the fax number I forward to them. Then I call Sharon again and tell her this. She tells me that she should be able to get their bank to find this transaction, as it will stand out. She will call me back. One hour (or so) later, she calls back. They have found my lost loot and will refund it, but it will take 3-5 business days. I thank her profusely, and take what I can get.

Three (business) days later, my money has returned. And the bank reversed the service charge I incurred when my mortgage payment failed. So, I’m not really out much money (3 weeks of interest on the $20k).

So, the moral of this story: 1) don’t pay your cable company $20k. 2) if you do, don’t be mean to the customer service people. They will help. 3) Comcast actually handled this very well. I sort of feel guilty canceling them.

DNS Anycasting?

On a mailing list that I’m on, a funny argument about the wisdom of anycast DNS service has erupted.

Now, I’m certainly no expert on anycast, but I can see a small kernel of truth buried in the FUD of the doubters.

Anycasting can lead to a false sense of resiliency.

For example, 2 anycast clouds with 6 instances each is less resilient than 12 separate unicast instances. This is because, from the point of view of the DNS client, there are only two nameservers to contact, and if both go down, the client is hosed. Two failures in the unicast case don’t lead to any noticeable problem.

This isn’t the same as saying that anycasting doesn’t, in general, improve the situation. But it isn’t a substitute for advertising more than, say, two nameservers.

Anycasting can be done poorly.

Imagine having two different anycast addresses, but that each cloud essentially has both addresses in the same rack at every instance. Or even just at some instances. In this case, the amount of redundancy is less than the operator might suppose, and a single power failure (e.g.) could render the zone inaccessible.

Of course, people who set up high-profile anycast DNS service generally know what they are doing and provide sufficiently independent anycast clouds.

It is possible that the use of anycasting can have negative consequences for some people, somewhere.

Ok, so this is the argument put forth by a famous internet troll. (If the phrases “scientific fraud!” and “for spoofing” are familiar, you know who I’m talking about. If not, don’t worry about it.) Basically the theory goes like this:

  1. Sometimes DNS must be done over TCP.
  2. TCP is stateful.
  3. It is possible to have two different anycast instances the same “distance” away.
  4. It is possible to have a routing device that divides packets between these two instances.
  5. All of the packets really need to go to the same instance, otherwise the TCP handshake (or whatever) doesn’t complete and the DNS query fails.

And thus, some people, somewhere, in magic spots on the internet, might find a given anycast address unusable for TCP. The famous internet troll takes this argument to mean that anycast is completely unusable for DNS. Now, keep in mind that, even if you are in such a magic spot, the chances of all of the anycast addresses for a domain suffering from the same problem are extremely small. And keep in mind that the vast majority of DNS queries are over UDP, which doesn’t have this (potential) problem.

I, of course, have no idea if there are actually any such magic spots on the internet.

…But a kernel of truth doesn’t equal truth.

These are just things that could be wrong with an anycast DNS deployment, not that they are. I sympathize with the operators who must defend themselves in the face of clueless folks who make the leap from there being a potential problem to an actual one without actually investigating anything. Nevertheless, I think that it would be better to inform the clueless that the operators are aware of the pitfalls, and thus, have not fallen into them.

Productivity Update

So, I’ve been using my new, simple, email productivity plan for a few months now. And… it works at work, but not so much at home. At least not yet.

My Inbox at work is basically clear. It isn’t empty, but since I don’t have different categories for “to do now” and “will need to pay attention to in the future”, that is OK. But the home inbox has tasks that sit there and languish. I just don’t read email the same way at home. Plus, at work it is basically reasonable to assume that almost all of my tasks will be represented as email. At home, almost nothing is. At home, what I really need is a paper-based Inbox. And, oh yeah, I need to actually try to clear it.

Productivity

I’ve been thinking about my personal productivity lately. There are three things that are making me worried. One: I’m moving into a new position at work that will be more time demanding and (presumably) have more meetings. Two: I’m not getting enough domestic stuff done, although this is a long standing problem. Three: recently, I passed some magical email threshold where I’m suddenly not sure that I’m responding to all of the mail that I need to.

Now, for the vast majority of my life, I’ve been able to keep track of things to do and meetings to go to in my head. So, for the vast majority of my life I haven’t used a calendar or “to do” list. It was actually more work to maintain them than it was worth. For the past several months, however, I have been using a calendar (although my solution isn’t ideal), and I’ve needed it. I still don’t use a “to do” list.

So begins my baby steps into a more mature productivity system.

So, my first step is to change my email workflow. Before, my inbox was automatically trimmed to the last thirty days of read mail. Older, read mail was automatically moved to a year-based archive subfolder. This is nice in that the inbox doesn’t get so huge that it gets slow, but basically useless for determining if something needed to be done or not.

The new workflow is this: the inbox is NOT automatically archived anymore. Now, once an email is handled, it gets moved to the archive folder. So, now the goal is to empty the inbox, and the inbox is somewhat reminiscent of a “to do” list. Hm. Perhaps in the future, the inbox won’t be the only place for email that needs action, but for now, it seems sufficient.

Emacs keybindings for FireFox on OS X

If you are like me and have been made retarded by Emacs, you might miss the standard Emacs bindings in FireFox and/or Thunderbird. Well, never fear, there is a way to fix it. While it is pretty easy to fix on Linux, it is a wee bit of a pain-in-the-ass on OS X. So, to save some of you some time, here is the modified toolkit.jar for Firefox 1.5.0.2.

Here is how you use it:

  1. Get into your FireFox.app bundle — I find this easiest to do via Terminal: cd /Applications/FireFox.app/Contents/MacOS/chrome
  2. Make a copy of your original toolkit.jar file: cp toolkit.jar toolkit.jar.original
  3. Replace toolkit.jar with the one you just downloaded from me: mv ~/Desktop/emacs-keybindings-ffox-toolkit.jar toolkit.jar
  4. Restart FireFox.
  5. Enjoy the soothing balm of having Emacs keybindings work in yet another application.

I wouldn’t use this jar file with other versions of FireFox, by the way.

Update: Pete has created the equivalent toolkit.jar file for Firefox 1.5.0.3, although it looks like nothing in toolkit.jar actually changed between 1.5.0.2 and 1.5.0.3, so mine might actually still work. Nonetheless, I suspect that keeping up with weekly bugfix releases is going to be quite tedious. Which is probably why the MozillaZone folks aren’t doing it…

Update to the Update: Pete, at my instigation, has just scripted this, so we don’t have to manually fix Firefox/Thunderbird/etc. Hooray!
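A way to see exactly which entries a replacement toolkit.jar changes before swapping it in at step 3, and to check a statement like “nothing in toolkit.jar actually changed” between two releases. This is an added example, not part of the original post or of Pete's script; the function names and the sample entry names in the demo are constructed.

```python
import hashlib
import io
import sys
import zipfile


def entry_digests(jar):
    """Map each file entry in a jar (a zip archive) to the SHA-256 of its content.

    `jar` may be a path or a binary file object.
    """
    with zipfile.ZipFile(jar) as zf:
        return {info.filename: hashlib.sha256(zf.read(info)).hexdigest()
                for info in zf.infolist() if not info.is_dir()}


def diff_jars(original, replacement):
    """Return (added, removed, changed) entry names, each sorted."""
    old, new = entry_digests(original), entry_digests(replacement)
    added = sorted(new.keys() - old.keys())
    removed = sorted(old.keys() - new.keys())
    changed = sorted(n for n in old.keys() & new.keys() if old[n] != new[n])
    return added, removed, changed


def build_jar(dest, entries):
    """Write a small jar to `dest` from {name: bytes}; used for the demo only."""
    with zipfile.ZipFile(dest, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # e.g. toolkit.jar.original and the downloaded jar
        result = diff_jars(sys.argv[1], sys.argv[2])
    else:
        # Constructed sample: one entry edited, one entry added.
        a, b = io.BytesIO(), io.BytesIO()
        build_jar(a, {"content/bindings.xml": b"<key/>",
                      "content/other.js": b"1"})
        build_jar(b, {"content/bindings.xml": b"<key emacs/>",
                      "content/other.js": b"1",
                      "content/extra.js": b"2"})
        result = diff_jars(a, b)
    for label, names in zip(("added", "removed", "changed"), result):
        print(label, names)
```

For a keybinding-only modification, the expected result is a short `changed` list and nothing under `added`.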