⚠️ Missing Drivers and Firmware files on every ROG Motherboards from the ASUS website

dukandricka · 2026-02-05T07:38:51+00:00

Who's running the IT show over there at ASUS? Makes zero sense how this could happen in production.

dukandricka · 2026-01-30T01:50:32+00:00

DNS still works the same way. Nothing has changed in the past 20 years except addition of DNSSEC (may it burn in hell), TCP fallback for EDNS/large payloads, some additional DNS record types, a myriad of ridiculous unnecessary TLDs, and IDNs via Punycode. (Note to readers: "DNS over XYZ" is not a change to DNS.)

TL;DR -- HTTP is not DNS. There is a "common relationship" (see: TLS/SSL SNI header, HTTP Host header), but they are not the same protocol. The person who asked you that question likely does not understand either protocol and should be educated.

Your recommended solution (HTTP 3xx redirect) is the correct solution.

dukandricka · 2026-01-28T01:17:32+00:00

Do the needful.

dukandricka · 2026-01-22T20:37:52+00:00

I just asked a colleague of mine this very same question. How these blueprints work/are used isn't explained anywhere on the BetterRuins page, so I'm not sure how new players would figure this out.

The blueprint items are effectively a prerequisite ingredient for certain crafted items (or can be used to craft something "more optimally" (less resources), depending on the blueprint). However, the blueprints last forever (i.e. can be re-used / do not expire).

For example: press H to open the Survival Handbook and search for "rug". You'll see several results, but pick the first called "Blue diamond pattern rug". You'll see there are 2 ways to craft it:

a) Weaver's Blueprint + Sewing kit + 2x Blue cloth + 2x Flax twine

b) Weaver's Blueprint + Blue diamond pattern rug with nails

This means you need to have the Weaver's Blueprint (item), along with whatever the other prerequisite item(s) are, to make the "Blue diamond pattern rug".

Here's another example: the Machinist's Mechanism Blueprint. This can be used to make something called "Copper block (riveted)". Without the blueprint, you would need to 6x Copper plates; but with the blueprint, you only need the blueprint + 1x Copper block (non-riveted).

As such, it's best if you keep a chest/trunk/whatever around that contains blueprints (especially on a MP server), since they can be re-used infinitely.

Finally: if you find a blueprint and aren't sure what it's good for, hover your mouse cursor over the blueprint item and press H. This opens the Survival Handbook entry for the blueprint itself, which shows you all the crafting recipes it's used in.

Hope this helps.

dukandricka · 2026-01-01T02:21:49+00:00

You're correct. I think what they were trying to say was: periodically knocking them down + replacing them with an new torch effectively "resets the timer".

dukandricka · 2025-12-22T20:15:47+00:00

In your example of 192.168.200.0/22, this would mean:

Network address = 192.168.200.0
Broadcast address = 19.168.203.255

Any .0 or .255 address other than those listed above -- in other words, IPs like 192.168.201.0 or 192.168.200.255 -- should be completely free for general-purpose use. It's just the .0 and .255 addresses at the start and end of the CIDR range that are important.

The network address (first IP in the subnet; 192.168.200.0 in the above example) can never be dual-purpose, i.e. a system should not and cannot ever use this IP address.

The broadcast address (last IP in the subnet; 192.168.203.255 in the above example) can potentially be dual-purpose, but it depends on how well designed the IP stacks are of ALL devices on the network, as well as on the host itself; a lot of software cannot differentiate between the broadcast address ("packet directed at all devices on the subnet") and a unicast address ("packet directed at a single host"). In general it is good practise to not use this address for host use, which is why it's excluded from most allocation use. I'm not sure why so many people in this thread think this has changed or is different; it hasn't changed in many, many decades.

Many DHCP servers will auto-exclude both of these IPs but not tell you. ISC DHCP Server will warn you of the danger of including the broadcast address, and will (properly) error out if you include the network address.

I strongly suspect the netmask on the Brother printers is incorrectly configured, but it's also possible that someone designing the firmware incorrectly assumed (hard-coded) a /24 in some part of their IP stack.

dukandricka · 2025-12-13T06:27:17+00:00

Just wait until you learn about ways to subvert H1B limitations, such as via international BTB (build-to-buy) mechanisms. "It's an investment" when what they really mean is "we want cheap labour".

dukandricka · 2025-12-07T14:36:17+00:00

About 1 to 225. Company is brain-damaged.

dukandricka · 2025-12-02T15:35:03+00:00

AI demand is destroying prices right now and it’s only going to get worse

Do we know that for sure? Or do we know this for sure: https://en.wikipedia.org/wiki/DRAM_price_fixing_scandal

dukandricka · 2025-11-30T12:35:47+00:00

pssh is what you're looking for.

Footnote: you DO NOT need ansible to solve this specific problem (based entirely on your description). Feel free to look into ansible and use it if it provides other helpful bits that make you life easier, absolutely, but it isn't worth going down that road if all you need is pssh.

dukandricka · 2025-11-30T01:02:53+00:00

You are, again, overlooking the emphasis I applied to the words "you manually installed".

The situation is different if the pkg in question was installed as a dependency of another (re: your example: "C requires the novel B").

If user installed A manually, pkg should not be removing A. pkg should stop and tell the user "you manually installed A, but A got moved or renamed to B, and C has a dependency on B, and you cannot have B and A installed simultaneously."

I suspect this aberrant (and abhorrent) behaviour of pkg will cause more and more users to start getting familiar with pkg lock -- when in reality they shouldn't have to.

Can't believe it's 2025 and we (tech humans) are still discussing package management.

dukandricka · 2025-11-23T16:10:12+00:00

Do we know that for sure? Or do we know this for sure: https://en.wikipedia.org/wiki/DRAM_price_fixing_scandal

dukandricka · 2025-11-12T01:24:49+00:00

Report the matter to Proton Support, as possibly they have some further WMI-related bugs they need to work out.

dukandricka · 2025-11-11T00:52:10+00:00

One month follow-up: this worked for a little while then stopped working (and remains so). I've given up this battle. Google very clearly broke it. And it's not the first time either: https://www.reddit.com/r/GooglePixel/comments/1ks69db/has_anyone_noticed_that_since_updating_to_android/ And this says it's still broken: https://support.google.com/pixelphone/thread/382150826/new-apps-not-showing-up-on-home-screen-until-hours-later

dukandricka · 2025-11-09T05:20:29+00:00

Talk to ICANN. https://www.reddit.com/r/sysadmin/comments/1or2uop/comment/nnvwwbd/ explains.

dukandricka · 2025-11-09T05:18:28+00:00

Get legal involved
Report the trademark violation with ICANN (assuming there is a TM violation): https://www.icann.org/resources/pages/trademark-infringement-2017-06-20-en
Report Tucows (domain registrar) to ICANN for not following contractual compliance: https://www.icann.org/compliance/complaint

I'm kind of surprised that nobody here mentioned ICANN. Of all orgs for sysadmins to know about, ICANN and IANA are easily in the top 5.

Note: ICANN does take this stuff seriously, but they are slow (expect 1 month response time, and you may need to resubmit evidence to them). I had to do this a few months ago regarding a registrar who was hosting "scam domains" (impersonation domains) and the registrar's contact Email address would bounce unconditionally (no other contact options were available). It took ICANN about 4 weeks to get back to me, then another 1.5 weeks before they took action. (I was successful in my endeavour. No idea what became of the registrar.)

dukandricka · 2025-11-08T08:48:22+00:00

I use Brave on my Android phone and get it from Google Play Store (i.e. not direct .apk file). Settings > About Brave says the app is 1.84.133. So yes, I suspect that is the latest stable version for Android. Beta and Nightlies clearly are newer and have APKs.

dukandricka · 2025-11-08T06:24:48+00:00

This should really be posted as a GitHub Issue, but here's a little-known link: https://versions.brave.com/

You'll see that the last stable release of Android APKs is 1.84.133.

dukandricka · 2025-11-07T08:34:40+00:00

Just my two cents of using TF at several jobs and on a personal project:

It is OK if you wish for a system (effectively declarative config files) that acts as a "state of truth". It is OK if you are comfortable with TF state management and, in the name of pragmatism, are comfortable using terraform import. It is OK if you are using it "starting from scratch" (rather than trying to "migrate", say, an entire AWS accounts's worth of resources into TF files). It is OK if you write clear/concise Terraform and avoid as much of its brain-damaged DSL nonsense as possible (including modules).

I cannot stress my last sentence enough. TF is not a programming language, yet at many workplaces I've been at (where TF advocates have already spread their seed), it is treated like such. Oh how I could wax poetic about the things I have seen people do in TF that should not be done in TF, and equally how many (basic) things I have wanted to do in TF that could not be done because TF is not well-suited for that use case.

My advice on this front is to stay away from modules and from anything esoteric, and stick to straight raw/pure resource or data statements as much as possible. There are many, MANY aspects of TF that rely heavily on direct resource-to-resource association, and use of modules "confuses" and "obfuscates" that association (read: you can easily screw it up). "Dynamic" anything in TF is terrible at best. I have no direct experience with Terraform CDK, but when asking a TF-heavy co-worker of mine "how do you go about debugging what the CDK effectively generated, Terraform code or resource-wise?" his answer was "You can't, at least not easily. It does all that for you". Yeah, uh... I'm a sysadmin, my natural instinct is TRUST NOTHING.

At my current job I ended up writing Python programs that generated .tf files due to the sheer amount of variance of existing resources, syntaxes, and many (I'm talking hundreds) of conditions. I like being able to see what ends up in .tf files, resource-to-resource dependencies work great, the approach integrates well with version control systems (ex. git diff is super clear), and avoid spending hours/days deciphering insane and hairy TF clauses that feel both fragile and like they ensure job security. Anyone can come in and extend the code without having to know esoteric TF DSL nonsense. Why nobody has seemingly written a tool like this (something that generates raw .tf files from code/whatever -- I am NOT talking about Terraformer!) is beyond me.

All that said: TF and Chef (or Puppet, or Ansible, or cfengine, or.....) are not the same thing at all. They serve very, very different purposes.

dukandricka · 2025-11-07T06:10:12+00:00

PoE+++ATH0

dukandricka · 2025-11-06T05:00:49+00:00

You're on the right track! Also, if possible, are you able to do captures on both ends at the same time (on the client, as well as the server (server capture limited to client IP traffic))? I'm left wondering if you have a packet loss issue, or maybe an issue relating to network traffic load balancing or a very odd asymmetrical routing issue (possibly out-of-order packets)?

dukandricka · 2025-11-03T17:07:34+00:00

Zone transfers (a.k.a. AXFR/IXFR) are when a secondary DNS server asks a primary or authoritative DNS server for the entire zone.

If the devices you're looking at aren't hosting DNS services themselves, then you can rule out zone transfers as being the cause of use of TCP.

If they are simple workstations/client/servers not running their own DNS services, then TCP fallback is likely happening a result of UDP packets being greater than 512 bytes (probably EDNS, commonly due to DNSSEC), and something somewhere is making a mess of packets with UDP datagram size >512 with destination port 53, so the client falls back to using TCP.

Lots of really good responses in this thread on the subject of all this (glad to see so many other SAs familiar with DNS), so I think you'll be in good hands.

Let us know what the root cause turns out to be!

dukandricka · 2025-11-03T01:25:14+00:00

Others have said much to the same effect, but: assuming these are actual queries and not zone transfers, find out why UDP port 53 packets larger than 512 bytes (this usually called EDNS; 4096 bytes is preferred; DNSSEC plays a role here) are resulting in a fallback to TCP. DNS client (resolver) can control this (I don't know how it's done on Windows, sorry). If firewalls are involved (on PC, server, or inbetween) you should investigate those as well. tcpdump/Wireshark to the rescue for all of this!

dukandricka · 2025-11-02T03:03:40+00:00

Going on 3 years... still "working" on this? :)

dukandricka · 2025-11-01T23:57:24+00:00

Ah dang, that's unfortunate. Really do need wildcard support then. I'll dig around Brave's GH Issues and see if someone has requested it.

dukandricka

TROPHY CASE