Monthly Archives: January 2008

>Random SSL problem of the day

>So I get the following trying to connect to a sendmail SMTPS port:


2008.01.29 19:41:14 LOG5[8849:3083409072]: stunnel 4.21 on i486-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007
2008.01.29 19:41:14 LOG5[8849:3083409072]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2008.01.29 19:41:14 LOG5[8849:3083409072]: stunnel connected remote server from 10.1.0.2:50824
2008.01.29 19:41:15 LOG3[8849:3083409072]: SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2008.01.29 19:41:15 LOG5[8849:3083409072]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket

The answer was check to see that the other end really is running SSL. In my case it wasn’t. It was amazing how many people were searching the Internet and only after not seeing anything I tried the port… *sigh*

>Jalopy, RIP

>Just before applying DBAN, uptime on jalopy showed:

15:12:57 up 1063 days,  3:06,  1 user,  load average: 0.02, 0.01, 0.00

>This can’t end well…

>

In an epic combination of Passive Aggressiveness combined with Complaining about Neighbors combined with being anonymous comes together in the Web 2.0/Google Maps Mashup RottenNeighbor.com.

Basically you can say whatever you want about anyone you want while being anonymous as you attach it to the map.

Grab the popcorn. This could get entertaining.

>Grandma’s Words of Wisdom

>My 89 year old grandmother was checked into a Nursing home last week. In spite of all her problems, while she was being checked in she was asked:

“How do you feel?”

And she answered:

“With my fingers.”

>ifconfig vs arping

>Todays technical oddity comes to us as part of the Solaris Zones cluster system that I wrote. Its hardcore and I rolled it myself.

We use service IP addresses (i.e. one IP address for each service we provide) and when we move the service IP address we need to have the router find out that it has moved. That’s easy with arping. We just send out an unsolicited ARP reply to the router to update the ARP table entry for the service IP address.

Each Zone is doing a particular service and we programmatically create and destroy zones as we move them around to particular cluster nodes.

Anyway, with the latest patches an odd thing started happening: when my script would ifconfig an IP address directly into a zone and then arping that address to the router, it would get removed from the arp table on the Solaris machine! To make matters worse, when I would do it by hand it would always work.

After some dinking around with it, Matt and I figured out that somehow the Solaris machine itself must be listening to the unsolicited ARP reply and it must have occurred in a race condition with the ifconfig command. My current theory is that the ARP table has only resolution down to a second, and things are recorded with the Epoch time.

The solution?

sleep(1);

*Sigh*

Maybe I should look in the source

>Real-time work clock

>Where I work it is very important to know the right time. As a service to the larger community, here is a real-time picture of the current time:

Maybe I need to adjust my work schedule so I go home at 1:59…