litchralee

3

Block, ignore, and continue living your non-bot life.

Restaurants (including franchises of chains) are indeed a major segment of small businesses. Looking more broadly, any industry which: 1) offers a service/product/utility, and 2) has proven to not have a tendency to inflate beyond its fundamental target audience, those are likely to be small businesses. Those are the parameters which stave off any sort of corporate takeovers and consolidations, because they won't invest in a small business if the prospect of infinite growth isn't there. So the business stays small. And small is often perfectly fine.

That is to say, restaurants (humans can only eat so much food), bicycle stores (humans can only ride so much per day), and local produce shops (even in the Central Valley of California, there's only so much produce to sell, and humans can't eat infinite quantities) have these qualities.

But compare those to a restaurant supply warehouse or music equipment store, since those items can be shipped and need no customization by the end user. Consolidation and corporate meddling is possible and probable.

Then you have industries which are often local and small but are prone to financial hazards, such as real estate agents and used car lenders. Because they get paid as a percentage of the transaction size, if the price of houses or cars go up in an unchecked fashion, the profit margins also increase linearly, which makes them more tempting for corporate involvement.

There are corporate-owned national chains of real estate agents, self storage, department stores, and payday loan offices in the USA. But I'm not aware of a national chain for bicycle or bicycle accessories. Even regional chains for bicycles are few and far between. Some consolidation has happened there, but by most definitions, a bicycle shop is very much a small business.

litchralee @sh.itjust.works 2w ago

I've seen the suggestion of buying a GUA subnet, purely to use as a routable-but-unique prefix that will never collide, and will always win over ULA or Legacy IP routes. When I last checked, it was something like €1 for a /48 off of someone's /32 prefix, complete with a letter of authorization and reverse IP delegation. So it could be routable, if one so chooses.

litchralee @sh.itjust.works 2w ago

There's no clicking unless I press down the lever, and I think they're added features to this thing which feel like a set point but are false.

1

litchralee @sh.itjust.works 2w ago

I tried that just for you. Sadly, it didn't open.

2

litchralee @sh.itjust.works 2w ago

Automation would have made this quicker, but I didn't have on-hand any stepper motors nor microswitches to rig up a machine to try all combinations. Perhaps the greatest outstanding issue was how to actually press down the lever to "try" each combination. That would require some sort of solenoid, and at that point, I figure this will just be a passive manual activity, to do when watching TV or winding down before bed.

As for carpal tunnel, the design is meant to reduce that risk, because this wheel minimizes finger manipulations. Indeed, without using any fingers, I could turn this wheel using a pen, Cruella De Ville's cigarette holder, or any number of other instruments that replaces a finger. If nothing else, because the diameter is 180 mm, turning this thing is more of a forearm exercise. I actually considered adding a spinner knob, like those used on an automobile steering wheel.

litchralee @sh.itjust.works 2w ago

Love to see it! Here's hoping Katie Wilson's impact to the city will be on the same order as Anne Hidalgo of Paris.

litchralee @sh.itjust.works 2w ago

The rest of the article: https://www.bicycleretailer.com/industry-news/2025/12/01/industry-veteran-tom-franges-dies-89

litchralee @sh.itjust.works 2w ago

3

litchralee @sh.itjust.works 2w ago

https://ipv6now.com.au/primers/IPv6Reasons.php

Basically, Legacy IP (v4) is a dead end. Under the original allocation scheme, it should have ran out in the early 1990s. But the Internet explosion meant TCP/IP(v4) was locked in, and so NAT was introduced to stave off address exhaustion. But that caused huge problems to this day, like mismanagement of firewalls and the need to do port-forwarding. It also broke end-to-end connectivity, which requires additional workarounds like STUN/TURN that continue to plague gamers and video conferencing software.

And because of that scarcity, it's become a land grab where rich companies and countries hoard the limited addresses in circulation, creating haves (North America, Europe) and have-nots (Africa, China, India).

The want for v6 is technical, moral, and even economical: one cannot escape Big Tech or American hegemony while still having to buy IPv4 space on the open market. Czechia and Vietnam are case studies in pushing for all-IPv6, to bolster their domestic technological familiarity and to escape the broad problems with Business As Usual.

Accordingly, there are now three classes of Internet users: v4-only, dual-v4-and-v6, and v6-only. Surprisingly, v6-only is very common now on mobile networks for countries that never had many v4 addresses. And it's an interop requirement for all Apple apps to function correctly in a v6-only environment. At a minimum, everyone should have access to dual-stack IP networks, so they can reach services that might be v4-only or v6-only.

In due course, the unstoppable march of time will leave v4-only users in the past.

2

litchralee @sh.itjust.works 2w ago

You might also try asking on !ipv6@lemmy.world .

Be advised that even if a VPN offers IPv6, they may not necessarily offer it sensibly. For example, some might only give you a single address (aka a routed /128). That might work for basic web fetching but it's wholly inadequate if you wanted the VPN to also give addresses to any VMs, or if you want each outbound connection to use a unique IP. And that's a fair ask, because a normal v6 network can usually do that, even though a typical Legacy IP network can't.

Some VPNs will offer you a /64 subnet, but their software might not check if your SLAAC-assigned address is leaking your physical MAC address. Your OS should have privacy-extensions enabled to prevent this, but good VPN software should explicitly check for that. Not all software does.

2

litchralee @sh.itjust.works 2w ago

Nice to see more tools being added to the streetscape toolbox. Or rather, being tested and validated for inclusion in the toolbox.

That said, I did want to draw attention to this part of the article:

For instance, the short armadillos don’t offer the same protection as the 18-inch tall Toronto barriers, but they may be the only option for a bikeway on a narrow street or where emergency curbside access is important.

Of the few scenarios that I can imagine this being the prevailing calculus, only one would totally eschew the concrete barrier. For example, the need for emergency vehicles to drive right up to the curb is valid, but is it valid for an entire cityblock?

For when there is zero need to get right up to the curb (eg in front of a park, where there is no structure that could possibly be on fire), then that part of the street should rightfully have concrete barriers. I'm of the opinion that in a mixed-use street, the barrier types should also be mixed. There is no need to reduce the entire block's street protection just because one part of the street needs to yield for emergency vehicles.

But getting ahead of possible objections to this, I'm thoroughly aware that emergency vehicles might need to drive along a bikeway, not just needing to stop along the curb. But that's already a solved problem, such as in Montreal where the protected bikeways are so wide that the emergency vehicles can fit within it, being right up against the curb.

So I reiterate: for only the parts of the street that need to reduce the barrier, that's fine. But once past that section, concrete should be the standard. This prevents any wayward motorists from attempting to straddle the shorter barrier and carve a shortcut around stopped traffic. If they try, they'll run up against the concrete barrier eventually. This isn't a problem for emergency vehicles because they are within right to cross back into the through lanes when lit up with lights-and-sirens.

Voila! The most protection for vulnerable road users while accommodating emergency traffic only exactly when needed. If mixed barriers aren't good enough, then I'd suggest going full Montreal by taking a whole through lane.

3

litchralee @sh.itjust.works 2w ago

I don't have any network certificates. And IMO, I'm not entirely enthused about them, but I recognize they're a required checkbox for getting one's foot in the door, kinda like having a college degree, esp for certain government employers. But I digress.

My networking training was on-the-job, where my mentor basically gave me a hard-copy version of this book: The All-New Switch Book, 2nd Edition, by Seifert and Edwards. In this case, "all-new" refers to 2008. But that's alright because the fundamentals of modern computer networks have not substantially changed, even as we push beyond 400 Gbps and use MPLS to forward Metro Ethernet, or whatever.

In the end, a fundamental understanding involves switching and routing, the whole OSI layer model and practical realizations of it, Ethernet in detail, IP (Legacy + v6) in detail, and best-practices for network design. What a CCNA certificate might specifically cover is the Cisco-specific CLI syntax for setting up and maintaining a network, but knowing the fundamentals means it's easy to manage any vendor's equipment, or even virtual networks for VMs or hyperscalar cloud environments.

1

litchralee @sh.itjust.works 2w ago

Connection tracking might not be totally necessary for a reverse proxy mode, but it's worth discussing what happens if connection tracking is disabled or if the known-connections table runs out of room. For a well-behaved protocol like HTTP(S) that has a fixed inbound port (eg 80 or 443) and uses TCP, tracking a connection means being aware of the TCP connection state, which the destination OS already has to do. But since a reverse proxy terminates a TCP connection, then the effort for connection tracking is minimal.

For a poorly-behaved protocol like FTP -- which receives initial packets in a fixed inbound port but then spawns a separate port for outbound packers -- the effort of connection tracking means setting up the firewall to allow ongoing (ie established) traffic to pass in.

But these are the happy cases. In the event of a network issue that affects an HTTP payload sent from your reverse proxy toward the requesting client, a mid-way router will send back to your machine an ICMP packet describing the problem. If your firewall is not configured to let all ICMP packets through, then the only way in would be if conntrack looks up the connection details from its table and allows the ICMP packet in, as "related" traffic. This is not dissimilar to the FTP case above, but rather than a different port number, it's an entirely different protocol.

And then there's UDP tracking, which is relevant to QUIC. For hosting a service, UDP is connectionless and so for any inbound packet we received on port XYZ, conntrack will permit an outbound packet on port XYZ. But that's redundant since we presumably had to explicitly allow inbound port XYZ to expose the service. But in the opposite case, where we want to access UDP resources on the network, then an outbound packet to port ABC means conntrack will keep an entry to permit an inbound packet on port ABC. If you are doing lots of DNS lookups (typically using UDP), then that alone could swamp the con track table: https://kb.isc.org/docs/aa-01183

It may behoove you to first look at what's filling conntrack's table, before looking to disable it outright. It may be possible to specifically skip connection tracking for anything already explicitly permitted through the firewall (eg 80/443). Or if the issue is due to numerous DNS resolution requests from trying to look up spam sources IPs, then perhaps either the logs should not do a synchronous DNS lookup, or you can also skip connection tracking for DNS.

1

litchralee @sh.itjust.works 3w ago

I'm kinda surprised that your ISP was able to sell you a 1 Gbps service but didn't bother to check if the line equipment was capable of that speed. Here in California, the ONT is considered the "demarcation point", which is where the ISP's responsibility ends and where the customer's responsibility begins. So the ONT is owned and maintained by the ISP, although it often does require AC power from the customer's home.

Just prior to when I upgraded from 100 Mbps to 1 Gbps, my ISP was already undertaking a network upgrade and that meant they were proactively upgrading customers to newer ONTs that would enable faster service. My understanding is that they had a newer fibre switch on their end, and upgraded customers would need the physical fibre moved from the old switch to the new switch. So to shrink the time where they are forced to operate two separate switches, they reached out to all the customers to replace their ONTs at once. I'm aware that some PON networks can run upgraded services simultaneously on the same fibre, but apparently my ISP doesn't do that.

As a result, their equipment was already in place when I decided to jump to 1 Gbps. Rather embarrassingly, it was only then that I found that my home's original CAT5(no E) wiring had two pairs taken for use with a former alarm system. And since 1 Gbps requires all four pairs, the ISP technician could show 1 Gbps at the demarc but not through my home wiring. On my own time, I reunited the missing two pairs and now have 1 Gbps link to the ONT.

In future, I plan to re-run that 30 meter link with CAT6, since my own testing indicated that the existing wiring is too marginal for 10 Gbps, or even the 802.3bz intermediate speeds of 2.5 Gbps or 5 Gbps. And I really do want to upgrade to 2 Gbps service, mostly to say that I have it...

1

litchralee @sh.itjust.works 3w ago

https://github.com/Overv/vramfs

Oh, it's a user space (FUSE) driver. I was rather hoping it was an out-of-tree Linux kernel driver, since using FUSE will: 1) always pass back to userspace, which costs performance, and 2) destroys any possibility of DMA-enabled memory operations (DPDK is a possible exception). I suppose if the only objective was to store files in VRAM, this does technically meet that, but it's leaving quite a lot on the table, IMO.

If this were a kernel module, the filesystem performance would presumably improve, limited by how the VRAM is exposed by OpenCL (ie very fast if it's just all mapped into PCIe). And if it was basically offering VRAM as PCIe memory, then this potentially means the VRAM can be used for certain RAM niche cases, like hugepages: some applications need large quantities of memory, plus a guarantee that it won't be evicted from RAM, and whose physical addresses can be resolved from userspace (eg DPDK, high-performance compute). If such a driver could offer special hugepages which are backed by VRAM, then those application could benefit.

And at that point, on systems where the PCIe address space is unified with the system address space (eg x86), then it's entirely plausible to use VRAM as if it were hot-insertable memory, because both RAM and VRAM would occupy known regions within the system memory address space, and the existing MMU would control which processes can access what parts of PCIe-mapped-VRAM.

Is it worth re-engineering the Linux kernel memory subsystem to support RAM over PCIe? Uh, who knows. Though I've always like the thought of DDR on PCIe cards. All technologies are doomed to reinvent PCIe, I think, said someone from Level1Techs.

litchralee

@ litchralee @sh.itjust.works

Posts

29
Comments

698
Joined

2 yr. ago

litchralee

Why don't compasses have just two Cardinal directions (North, East, -North, -East)?

Are people with High functioning autism allowed to become police officers?

Why are we still allowing Americans to vacation in Canada?

Rear Radar Lights Are Essential Safety Gear for Road Riders. Can the Low-Cost Bryton Gardia Really Compete With Garmin and Wahoo?

What's the best way to answer someone who accuses you of being a bot because they don't like what you have to say?

Who shops at small businesses?

Are there any VPNs that support dedicated IPv6 addresses?

3D-printed PLA "dial wheel" to manually brute-force a combination lock-box

3D-printed PLA "dial wheel" to manually brute-force a combination lock-box

3D-printed PLA "dial wheel" to manually brute-force a combination lock-box

How Seattle’s new bike lanes are making the most of used car parts

Industry veteran Tom Franges dies at 89

Industry veteran Tom Franges dies at 89

Are there any VPNs that support dedicated IPv6 addresses?

Are there any VPNs that support dedicated IPv6 addresses?

How Seattle’s new bike lanes are making the most of used car parts

What was your CCNA experience?

Conntrack question

How to efficiently troubleshoot your connection

GPU prices are coming to earth just as RAM costs shoot into the stratosphere - Ars Technica

My wall-adjacent leg press/hack squat, to save floor space

20 kg bumper plates, made from 45 lbs bumper plates

20 kg bumper plates, made from 45 lbs bumper plates

Micromobility Products-Related Deaths, Injuries, and Hazard Patterns: 2017–2022

Tahoe area trail network will connect Truckee to Nevada City

Homemade plate-bearing pegs for weight-stack machine

Help me remember a "back-to-back chaise longue" from TV or film. What would you call this?

How big and heavy until it's no longer a form of micromobility?

The Evolution Of Bike Racks