Recipe 2018.05.29 - Sliced Chorizo and Diced Potato

Another quickie, two-ingredient recipe (if you don't count the salt).

Two sticks of chorizo - sliced. Two potatoes - skinned, diced, salted.

Fry the chorizo slices using a little bit of olive oil (or duck fat, if you have). Once a bit charred on both sides, remove from the pan.

Add more oil to the pan. Bring to high heat. Fry the diced potato until brown and crunchy on all sides. Add in the chorizo slices, then serve.

Recipe 2018.05.25 - Crispy Skin Duck Breast

Ingredient list, you say? Duck breast and salt and pepper. That enough for you?

Make sure the duck breast is at room temperature. For best results, score the skin of the duck breast in a crosshatch pattern, then apply salt and pepper all around. If you're lazy like me, you can forego the scoring, but it'll take longer to render the fat. Be careful not to score all the way down to the meat. The salt is to draw out the moisture, so the skin ends up crispy. Pat the skin down with a paper tower to make sure it's really dry.

Lay down the duck breast skin-side down on a non-stick pan at room temperature. If the pan's been preheated, then the skin will seal, locking in the fat, which is not what we want. Gradually turn up the heat, so the fat renders. Once the skin is crisply, turn over the breast. Turn up the heat to seal the duck breast.

Remove the pan from the stove and into a preheated oven (200°C), again skin side down for about 6 - 8 minutes.

Once done, rest for 5 minutes - skin side up this time. Cut into slices and serve.

Rasterizer vs. Rasterbator

According to Wikipedia, rasterisation is "the task of taking an image described in a vector graphics format (shapes) and converting it into a raster image (pixels or dots) for output on a video display or printer, or for storage in a bitmap file format."

In the case of Rasterizer and Rasterbator, these software take in an image file as input and blows up the image into a giant poster (in PDF) full of dots of varying sizes to simulate the original image. It's actually half-toning, but let's not get pedantic here.

The Rasterizer (currently v0.7) is a Java program that you download and run from you Mac or PC. You can run it via the CLI or a GUI front-end. With the Rasterbator (v1.21), you can do the rasterisation online by uploading your image or providing a URL, or you download an offline, standalone software.

Both software can do the job, but I prefer Rasterbator as you get a preview before you commit to the final PDF. The online version even overlaps a human figure, so you can estimate how big the final wall art will be.

XMPP Secure Messaging

Started looking for a messaging solution to communicate with my kid when he's away from home. Why not get him a phone with a SIM, you say? Well, he's not away that often, and I don't want to pay for an ongoing phone service that I'm not using. That removes WhatsApp, Viber, WeChat, Duo, Allo, etc. as an option as they require a verified mobile number in order to work. There are other options like Facebook Messenger and Google Hangouts, but that requires a user account, which I don't think a kid under 10 can legally sign up for.

Next best option? IM via XMPP. Signing up for an XMPP account is free and easy. All you need is a username and password. No other verification needed. For XMPP client, I'm using Conversations for Android. First, I tried ulloo.net. For some reason, OMEMO encryption didn't work. Tried xmpp.jp - same thing. At least xmpp.jp supports presence. Then I tried, chatme.im. This time, encryption (and presence) works fine. Note that chatme.im's website is in Italian, and I can't find any English option. (Google Translate is your friend.) If all you want is to register for an account, go here.

The great thing with Conversations is that it just works - no messy configuration needed. Just enter the username and password that you used when you signed up with your XMPP provider, and off you go.

Capturing L2TP Sessions

Lately, we're been seeing more and more instances of create session timeouts with the cause code 100 - "remote peer not responding".

With constant tunnel failure, it's likely to be due to unreliable transport. Either lost packets or the LAC/LNS getting the sequence numbers wrong, requiring a tunnel re-establishment. Best way to check is to get a trace and verify that the correct Nr/Ns sequence numbers are being used.

When capturing packets from an L2TP interface, you're getting both control messages and payload packets (both port 1701). Bulk of the traffic would be the latter, which does not really help with troubleshooting. To capture only the control messages, use this filter:

udp[8]>>7=1, where highest bit in the first byte of the UDP payload is the control flag

Obviously, if talking to multiple LNS, use the appropriate host IP as extra qualifier.

Good if your requests come in one at a time, and answered in sequence, like so:

More often than not, they come in bursts, and the LNS responds to some but not all. And some responses are delayed, which makes session tracking a challenge.

Best way to handle this is to look at the Assigned Session ID and Session ID in ICRQ, ICRP, and ICCN messages.

1. ICRQ will have Session ID = 0 and an Assigned Session ID chosen by the LAC.
2. When the LNS responds with an ICRP, it copies the original Session ID into the Assigned Session ID, and assigns its own Session ID.
3. Then, in the ICCN, the LAC copies the Assigned Session ID from the preceding ICRQ into the Session ID field.
4. And the final ZLB from the LNS increments the Nr accordingly.