Hail!
Author: H Walker Jones, Esq
A professional programmer with a sordid past involving sysadmin, tech support, and cooking.
Mummies
The ancient Egyptians practiced consensual taxidermy
Stir-Fried Udon Noodles with Pork
Ingredients
Equipment
Method
- Put on a pot of water to boil, for the noodles later
- Heat a tablespoon of oil in your skillet over medium-high heat
- Add cabbage/slaw to the skillet, tossing often, until edges are brown. Reduce heat and continue cooking until thickest parts of the cabbage are tender.Remove from heat and transfer cabbage to bowl
- Wipe out skillet, add a tablespoon of oil, and bring back to medium heat
- Add pork to skillet, break it up, and cook until browned. Once the meat is broken up, don't keep fussing with it, give it a chance to get browner bits.
- Once water from step 1 is boiling, turn off heat and add noodles.Let noodles sit for 1 minute, then drain. Toss with 1 tablespoon of oil and transfer to bowl with cabbage. Mix together.
- To the pork, add the pale scallion bits, ginger, and red pepper flakes. Toss for a minute or so, until scallions start to soften.
- Add noodles and cabbage, mirin, and soy sauce to skillet. Mix until noodles are well-coated with sauce.
- Remove from heat and toss in green scallion bits and sesame seeds (if desired).
Notes
- Requires a large skillet. Our 14″ cast iron is the perfect size. It’s not quite a one-pot meal, because there’s a swap of ingredients in the middle, but it’s close.
- Mirin is like sweet sake syrup. The Japanese equivalent of cooking sherry, you should be able to find bottles of it in the grocery store.
- The original recipe was pretty strict about amounts, but we’ve found that this recipe is pretty tolerant of variation.
Adapted from https://www.bonappetit.com/recipe/stir-fried-udon-with-pork
You don’t think it be like it is, but it do.
Quarantine: Reflections From Week 1
After the first full week of quarantine, some observations.
- The public has gone completely crazy.
By last weekend people had purchased all available stocks of toilet paper, paper towels, kleenex, and ibuprofen. Store shelves were completely bare across the nation.There was no real shortage. Panic buying and speculation rules the day. Stores have mercifully instituted per-person maximum purchases to ensure availability for the unlucky or slow-to-act, so paper products are starting to trickle back onto the shelves.
Today the shortages are pasta, rice, french fries, and pepperoni. We couldn’t find any presliced pepperoni in Market Basket.
The veggie aisle continues to be well-stocked, except bananas. (but that’s not completely out of the ordinary.) - Unemployment claims are rising precipitously. Experts are warning that we could reach 20% unemployment this year.
- Street traffic has ticked up a bit. Presumably people are starting to venture out, but not soon enough to save local small businesses.
- Restaurants are still closing, but takeout pizza joints are booming.
We decided to relax and order pizza from Tremezzo’s Pizza last night. Megh called in an order at 4:40 pm. It took nearly an hour for pickup. - Starbucks, as one of the last remaining food service businesses open, is at least as busy as before. It’s limited to drive-thru and pre-order service (nobody allowed inside) and the line of cars just about reaches the main road.
- The kids actually wanted to go out for a drive.
Last night we went across the street with our pizza and salad for a very fun dinner with Debbie and Tom, followed by a round of cribbage.
When we got back home around 8 pm the kids asked us to go out for a drive.
They haven’t been in a car for over a week. They’ve been outside, but there’s nowhere to go so none of us have been further than the grocery store. Their friends can’t come out. It’s weird to go so long without going anywhere, I think it’s comforting to do something familiar like sit in the car.
We swung by McDonald’s for a treat and just… drove around, the four of us. We went out to North Reading, swung through Reading, and came home. It’s weird, but I have to admit that it was relaxing to drive.
Bonus: there were hardly any cars on the road.
Looking ahead, it seems that we might have to collectively hunker down for months, perhaps a year, perhaps more.
Family Chronicle: COVID-19
“The real winner of this pandemic are the nation’s dogs, who are experiencing unprecedented levels of People Being Home”
If you’re reading this far enough in the future, a bit of context may be needed.
As SARS-CoV-2 entered the United States a few weeks ago, we collectively looked at the ongoing experiences of China and Italy and jokingly compared it to Captain Trips. Meghan and I studied the history of the Spanish Flu looking for parallels and worst-case scenarios.
The lessons learned from 1918 are being applied by health officials right now, in an effort to avoid a healthcare-system-crushing pandemic. We can’t avoid contracting the virus, that is clear, but perhaps we can prevent everyone from catching it all at once.
In the middle of last week schools in the Commonwealth of Massachusetts started closing as a preemptive measure. Many businesses did as well, including my own. A few did not until they were ordered to. This all mirrors the experiences (and failures) in other countries that were hit by the virus first.
As I write this, the governor has ordered all schools closed for at least three weeks. Large gatherings are prohibited, originally capped at 250 people and now capped at 25.
— Governor Charlie Baker, March 15 2020
The ban also prohibits eating at restaurants (take-out and delivery are still allowed). By extension that essentially closes most bars, since you can’t take drinks to go. Bars garnered a lot of bad press over the weekend as people noted lines “out the door” at many downtown Boston establishments.
So basically we could go out if we really wanted to, but there’s no where to go right now.
Grocery stores are still allowed to be open, so people can buy things eat, but the doomsday preppers have effectively cleaned the shelves. Stores have struggled to keep essentials in stock, including (oddly) paper products like toilet paper, kleenex, and paper towels, as well as the true essentials that never spoil, like bread, milk, and eggs. Meghan witnessed someone buying five gallons of milk on Saturday. It’s like snow is coming.
Some businesses are instituting, or are relying on, work-from-home policies; unfortunately others, especially service-oriented jobs, are sending people home without pay.
I’m fortunate that I can work from home. We’ve cleaned out the office so I can get real work done, and made a spot for Butter to curl up. Meghan’s situation is a little murky, but so far as we can tell she will continue to be paid for the duration.
The kids are starting to get remote assignments from school. I expect the pace will pick up now that a longer, mandatory stay-at-home order is in place. Some schools in harder-hit areas have stayed open because they support homeless and needy children, providing much-needed meals and warm places to wash up.
Baba has been asking for advice on what social events to attend. (answer: zero.) My own parents have continued to live like nothing has changed, though they’re a bit less social than Baba. All three grand-parental-units are in multiple high-risk groups. Connecticut has been less affected by the outbreak so far. I’ve got my fingers crossed that they’ll come through without contracting it.
Bypassing a Tunnel-Broker IPv6 Address For Netflix
Surprisingly, it worked beautifully… that is, until I discovered an unintended side effect
My ISP is pretty terrible but living in the United States, as I do, effectively makes internet service a regional monopoly. In my case, not only do I pay too much for service but certain websites (cough google.com cough) are incredibly slow for no reason other than my ISP is a dick and won’t peer with them properly.
This particular ISP, despite being very large, has so far refused to roll out IPv6. This was annoying until I figured out that I could use this to my advantage. If they won’t peer properly over IPv4, maybe I can go through a tunnel broker to get IPv6 and route around them. Surprisingly, it worked beautifully. GMail has never loaded so fast at home.
It was beautiful, that is, until I discovered an unintended side effect: Netflix stopped working.
A quick Google search confirmed my suspicion. Netflix denies access to known proxies, VPNs, and, sadly, IPv6 tunnel brokers. My brave new world was about to somewhat less entertaining if I couldn’t fix this.
Background
Normally a DNS lookup returns both A (IPv4) and AAAA (IPv6) records together:
$ nslookup google.com Server: 192.168.1.2 Address: 192.168.1.2#53 Non-authoritative answer: Name: google.com Address: 172.217.12.142 Name: google.com Address: 2607:f8b0:4006:819::200e
Some services will choose to provide multiple addresses for redundancy; if the first address doesn’t answer then your computer will automatically try the next in line.
Netflix in particular will return a large number of addresses:
$ nslookup netflix.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: netflix.com Address: 54.152.239.3 Name: netflix.com Address: 52.206.122.138 Name: netflix.com Address: 35.168.183.177 Name: netflix.com Address: 54.210.113.65 Name: netflix.com Address: 52.54.154.226 Name: netflix.com Address: 54.164.254.216 Name: netflix.com Address: 54.165.157.123 Name: netflix.com Address: 107.23.222.64 Name: netflix.com Address: 2406:da00:ff00::3436:9ae2 Name: netflix.com Address: 2406:da00:ff00::6b17:de40 Name: netflix.com Address: 2406:da00:ff00::34ce:7a8a Name: netflix.com Address: 2406:da00:ff00::36a5:f668 Name: netflix.com Address: 2406:da00:ff00::36a5:9d7b Name: netflix.com Address: 2406:da00:ff00::23a8:b7b1 Name: netflix.com Address: 2406:da00:ff00::36d2:7141 Name: netflix.com Address: 2406:da00:ff00::36a4:fed8
The Solution
The key is to have your local DNS resolver return A records, but not AAAA, if (and only if) it’s one of Netflix’s hostnames.
Before I document the solution, it helps to know my particular setup and assumptions:
- IPv6 via a tunnel broker
- BIND’s named v9.14.8
Earlier versions of BIND are configured somewhat differently: you may have different options, or (if it’s a really old build) you may need to run two separate named instances. YMMV.
Step 0: Break Out Your Zone Info (optional but recommended)
If your zone info is part of named.conf you really should put it into it’s own file for easier maintenance and re-usability. The remaining instructions won’t work, without modification, if you don’t.
# /etc/bind/local.conf
zone "." in {
type hint;
file "/var/bind/named.cache";
};
zone "localhost" IN {
type master;
file "pri/localhost.zone";
notify no;
};
# 127.0.0. zone.
zone "0.0.127.in-addr.arpa" {
type master;
file "pri/0.0.127.zone";
};
Step 1: Add a New IP Address
You can run a single instance of named but you’ll need at least two IP addresses to handle responses.
In this example the DNS server’s “main” IP address is 192.168.1.2 and the new IP address will be 192.168.1.3.
How you do this depends on your distribution. If you’re using openrc and netifrc then you only need to modify /etc/conf.d/net:
# Gentoo and other netifrc-using distributions
config_eth0="192.168.1.2/24 192.168.1.3/24"
Step 2: Listen To Your New Address
Add your new IP address to your listen-on directive, which is probably in /etc/bind/named.conf:
listen-on port 53 { 127.0.0.1; 192.168.1.2; 192.168.1.3; };
It’s possible that your directive doesn’t specify the IP address(es) and/or you don’t even have a listen-on directive – and that’s ok. From the manual:
The server will listen on all interfaces allowed by the address match list. If a port is not specified, port 53 will be used… If no listen-on is specified, the server will listen on port 53 on all IPv4 interfaces.
https://downloads.isc.org/isc/bind9/9.14.8/doc/arm/Bv9ARM.ch05.html
Everything I just said also applies to listen-on-v6.
Step 3: Filter Query Responses
Create a new file called /etc/bind/limited-ipv6.conf and add the following at the top:
view "internal-ipv4only" {
match-destinations { 192.168.1.3; };
plugin query "filter-aaaa.so" {
# don't return ipv6 addresses
filter-aaaa-on-v4 yes;
filter-aaaa-on-v6 yes;
};
};
What this block is saying is, if a request comes in on the new address, pass it through the filter-aaaa plugin.
We’re configuring the plugin to filter all AAAA record replies to ipv4 clients (filter-aaaa-on-v4) and ipv6 clients (filter-aaaa-on-v6).
Now add a new block after the first block, or modify your existing default view:
# forward certain domains back to the ipv4-only view
view "internal" {
include "/etc/bind/local.conf";
# AAAA zones to ignore
zone "netflix.com" {
type forward;
forward only;
forwarders { 192.168.1.3; };
};
};
This is the default view for internal clients. Requests that don’t match preceding views fall through here.
We’re importing the local zone from step 0 (so we don’t have to maintain two copies of the same information), then forwarding all netflix.com look-ups to the new IP address, which will be handled by the internal-ipv4only view.
Step 4: Include the New Configuration File
Modify /etc/bind/named.conf again, so we’re loading the new configuration file (which includes local.conf).
#include "/etc/bind/local.conf";
include "/etc/bind/limited-ipv6.conf";
Restart named after you make this change.
Testing
nslookup can help you test and troubleshoot.
In the example below we call the “normal” service and get both A and AAAA records, but when we call the ipv4-only service we only get A records:
$ nslookup google.com 192.168.1.2
Server: 192.168.1.2
Address: 192.168.1.2#53
Non-authoritative answer:
Name: google.com
Address: 172.217.3.110
Name: google.com
Address: 2607:f8b0:4006:803::200e
$ nslookup google.com 192.168.1.3
Server: 192.168.1.3
Address: 192.168.1.3#53
Non-authoritative answer:
Name: google.com
Address: 172.217.3.110
I Mustache You a Question
A project elided
After a few too many close calls, I approached the town about making our street and another into one-way lanes. A counter-clockwise, 1.7 mile loop around the lake.
The town said “no” for some very good reasons. I knew they would, but I had to give it a try. They paid the courtesy of taking it seriously, giving me a meeting with various officials, and explaining the reasons.
I had put an actual proposal together in case this went further. I include it here for posterity. Read it here: Better Traffic Around Silver Lake
Anchors Aweigh!
Living where we do, with a high water table, houses are obligated to have a large hole in the floor of the basement called a “sump“. For those lucky enough to not know, a sump’s job is to collect groundwater before it seeps up through the floor of the basement. You then evacuate the water with a pump, colloquially (and quite logically) known as a “sump pump”.
A sump pump is a replaceable part. The typical lifetime is supposed to be around ten years, give or take.
We last replaced our pump in 2014. I purchased a replacement unit from “Watchdog” that proclaimed it’s longevity, speed, and reliability. This is that same unit, a mere five years later:
The unit continued to work in some condition, until it didn’t. It completely failed during a heavy December rainstorm this weekend. I came into the basement early Saturday morning to find ankle-deep water on the floor.
Woe unto the person who does not have a water alarm or redundant standby sump pump. That person would be me.
The pump is now replaced with a unit from a different manufacturer. Hopefully this one stands up to the elements a little better. We’re working on a water alarm as well.