Friday, February 25, 2011


There are two types of answers on the web: wrong and correct.

Copying the correct answer here:

you need to add <%= token_tag %> into your form to make this.

Do not comment out the code that throws out the error - it exists for a very good reason: Cross-Site Request Forgery protection.

Which choice ?

In one of the books I've been reading they were talking about choices and I think I came up with a mental experiment that has some interesting complexity in it.

Imagine, you meet a wealthy man who wants to donate some of his wealth to help the poor children of Humbrian Republic. He has $1000000 he wants to donate. There are 10000 children that this money could feed for a year. Without these money, the chances that they die of hunger are tripled. The same chances as without the money are awaiting them after the year - even if the money were to be donated.

However, this man is of a rather evil kind, and he gives you only four choices:

1. You and him part ways, without any decisions made - and he does not donate anything whatsoever.

2. You have to keep the $10000, and the remaining money goes to the poor children of Humbrian Republic - so only 9/10th of the children get the food. As a condition for spending this money you have to keep mentioning that the money you're spending might have been better donated to feed 1000 children - each time you spend something from it.

3. You get to keep $500000 - so only half of the children get the food for a year. You do not get any strings attached to this split - though only 1/2 of them get the food.

4. You get to keep $900000 - so, 1/10th of the money gets donated and you get to keep 9/10th. As a condition you have to talk on the phone to 10 children randomly from the entire set - whether they got or not the money. All of the children will know that you have kept 9/10th of the money.

Which of the four would be your choice. No need to answer, as I guess this would be a pretty confidential matter. (And please do not blame me - as I said it is a deliberate purely theoretical construct ;-)

EDIT: when I mention you get to "keep" the money it means you can not, by contractual agreement, give it away - you have to spend it on your own needs.

Saturday, February 19, 2011

More fun with luajit and ffi: >300Kpps of UDP traffic

Today I added the UDP interface (rudimentary so far) to my experimental event loop.

In the github repo there is the code that simply echoes the UDP packet back.

For fun, I decided to wrap the sendto call into the cycle that repeats it 100000 times.

Here is the output:

23:26:52.988762 IP6 ::1.12345 > ::1.59283: UDP, length 4
23:26:52.988765 IP6 ::1.12345 > ::1.59283: UDP, length 4
23:26:52.988767 IP6 ::1.12345 > ::1.59283: UDP, length 4
23:26:52.988770 IP6 ::1.12345 > ::1.59283: UDP, length 4

This means that the luajit2+FFI can generate between 300Kpps and 500Kpps in UDP. Yay.

Friday, February 18, 2011

Fun with LuaJIT and FFI library - httpd microbenchmarking

When I saw the new FFI library in the LuaJIT project, I immediately thought "yummy". I thought I'd give it a shot during the evening, but.... curiosity had killed the cat, so...

First thing that got annoying quite quickly was the need to prefix every C function call with ffi.C. That's annoying. Can we do better ? Yes, we can. We add this:

-- try to use FFI when no lua symbol found...
setmetatable(_G, { __index = ffi.C } )

And the life immediately becomes great - you get the power of the declared functions plus the flexibility of the lua language, so you can write stuff like "local s = socket(AF_INET6, SOCK_STREAM, 0)". Tres cool.

Now, let's see how much this all is worth performance wise.

Let's write a funny high-level wrapper, that at its "application" core will look like this:

local HTTP_REPLY = [[HTTP/1.0 200 OK
Content-Type: text/plain

This is test

local MAX_FD = 2560

local ss = socket_set(MAX_FD)

local my_accept_cb = function(fds, i)
local cb = {} = function(fds, i, data, len)
fds.send(i, HTTP_REPLY, #HTTP_REPLY)
cb.close = function(fds, i)
-- print("Closed socket")
return cb

while not ss.add_listener(12345, my_accept_cb) do
print("Added listener, please run the test")
while true do
local n = ss.poll(1000)

What do we do here ? We create a high-level abstraction which I called a "socket set" - that encapsulates all the boring event loop that usually exists in programs; and then add a listener socket on port 12345 to this set, which has a callback that is called upon accept and can return either the table with callbacks for the newly accepted socket - or nil - then the connection will be closed immediately.

The accepted socket callbacks are such that they implement a very naive "HTTP server" - just for microbenchmarking.

Now, let's give it a whirl with ab.

The resuls are quite entertaining, here is how they look like:

# while (true); do ab -n 1000 -c 1000 http://localhost:12345/ 2>&1 | grep "Requests per"; done
Requests per second: 8433.91 [#/sec] (mean)
Requests per second: 12374.55 [#/sec] (mean)
Requests per second: 12720.06 [#/sec] (mean)
Requests per second: 12688.58 [#/sec] (mean)
Requests per second: 13144.58 [#/sec] (mean)
Requests per second: 10742.29 [#/sec] (mean)
Requests per second: 8651.27 [#/sec] (mean)
Requests per second: 12748.76 [#/sec] (mean)
Requests per second: 8145.58 [#/sec] (mean)
Requests per second: 12946.32 [#/sec] (mean)
Requests per second: 8648.65 [#/sec] (mean)
Requests per second: 13047.85 [#/sec] (mean)
Requests per second: 11550.14 [#/sec] (mean)
Requests per second: 12904.22 [#/sec] (mean)
Requests per second: 12968.32 [#/sec] (mean)
Requests per second: 13219.47 [#/sec] (mean)
Requests per second: 8244.09 [#/sec] (mean)
Requests per second: 12056.47 [#/sec] (mean)
Requests per second: 12834.83 [#/sec] (mean)
Requests per second: 13288.86 [#/sec] (mean)
Requests per second: 11455.02 [#/sec] (mean)
Requests per second: 11130.03 [#/sec] (mean)
Requests per second: 8034.32 [#/sec] (mean)
Requests per second: 12566.76 [#/sec] (mean)

This is not too bad at all.

Here is the similar test with lighttpd running on the same machine, serving the default static page:

Requests per second: 12080.50 [#/sec] (mean)
Requests per second: 9397.88 [#/sec] (mean)
Requests per second: 9948.47 [#/sec] (mean)
Requests per second: 12906.39 [#/sec] (mean)
Requests per second: 9284.53 [#/sec] (mean)
Requests per second: 4281.34 [#/sec] (mean)
Requests per second: 9143.44 [#/sec] (mean)
Requests per second: 12422.21 [#/sec] (mean)
Requests per second: 9170.19 [#/sec] (mean)
Requests per second: 12603.03 [#/sec] (mean)
Requests per second: 9413.54 [#/sec] (mean)
Requests per second: 12981.62 [#/sec] (mean)
Requests per second: 8615.56 [#/sec] (mean)
Requests per second: 9849.98 [#/sec] (mean)
Requests per second: 9869.43 [#/sec] (mean)
Requests per second: 9818.84 [#/sec] (mean)
Requests per second: 3384.56 [#/sec] (mean)
Requests per second: 9127.59 [#/sec] (mean)
Requests per second: 1528.56 [#/sec] (mean)
Requests per second: 9157.01 [#/sec] (mean)

Not bad at all for a high-level code, what do you think ?

If you want to toy with it yourself - it's on github.

Thursday, February 17, 2011

Fun links: 17 Feb 2011

  • Android virtualized - really cool stuff, with a whole lot of potential. Imagine being able to save your mobile somewhere else than on mobile. Yummy business opportunities, I think.
  • Making presentations in TeX - I made the first step towards using TeX - installed it. The results so far are not terribly cool, but it's only the hands to blame.
  • A fractional horsepower news network - I think this is the beginnings of the pendulum going back from "mainframe", centralized model to a distributed it. Of course, while the history repeats itself, it does so in a whimsical way, so how exactly it will look like, is a question. Maybe in a form of a Freedom Box. I've got some of that.

Wednesday, February 16, 2011

Me talking...

In the past couple of weeks I got "on stage" few times, which was quite a lot of fun. Even more fun was that these moments were shot on video as well. So, here we go, a link collection: here's me talking at Cisco Live 2011 in London about Advanced Firewalls - and the weekend after, my FOSDEM talk about Lighting up IPv6 in Mongrel2.

Elevators: the curiosity

This blog post is intended to serve as a reminder for myself as well as a teaser for everyone else.

First a bit of history of the trigger. The old elevators in the buildings in Belgium are pretty peculiar - they have no doors. Yes, if you are surprised, I was too - when I first arrived - back in Russia (and in Soviet Russia) they had the doors - either the sliding ones or closing ones. So this optimization was weird and a bit frightening.

However, over time I got used to this, and even found it kind of cool to watch the wall as in the evenings the elevator was pulling me up to the 14th floor where I live, and down to the ground in the mornings.

All is good - but the regulators came. Apparently these door-less elevators were considered unsafe by someone. I can imagine either someone got squeezed in some unpleasant way, and hence the reaction. Net result: a seemingly IR-laser based emergency stop mechanism (if you reach your hand towards the wall as the elevator is moving and cross the surface, it stops) - which is pretty cool; and the decrease in speed of the elevator.

It's the latter which is utterly uncool and is a trigger for this - it, at least perceptually has noticeably increased my waiting time in enough number of the mornings to start wondering "why".

And I started to ponder - what is the best mathematical model for expressing my annoyance with this situation in numbers ? And it seems it is a curious one, much more involved than I'd expect at the first glance.

Some reading links on the topic:

So, in short it seems to be a pretty fun modeling topic - even if we do not get into the mechanical problems and keep ourselves busy only with traffic handling problems.

The analytical question, which, after this pre-investigation I am afraid is not so trivial is the function T(v,p) - where the function value is the upper bound on my waiting time when needing to go down from my 14th floor in the morning, "v" is the elevator velocity and the "p" is the probability interval. i.e. T(1,0.95) == 40 would mean that with the 95% probability I would have to wait less than 40 seconds, assuming the speed of the elevator of 1 m/s.

Saturday, February 12, 2011

Google app engine + facebook apps links

Started looking at Google apps engine + facebook combo. Some links that look useful to keep around for myself:




Update: Looks like all of these are obsolete, the way to go is the Python graph api SDK...

Fun links: 12 Feb 2011

Going to start the "links" series, even if for myself only. Too much to post on facebook, I don't want to spam there. And easier to find here if it is indexed...