random musings from ζΉι
NYC Reflections
π Introduction: Three Eras, One City
New York City doesnβt just change β it evolves, reinvents, and reshapes itself with a speed and intensity few other places can match. Iβve visited three times across what is, technically, three different decades: first in 1999, again in 2002, and most recently in 2025. Each visit captured a different version of the city β one pre-millennium and full of late-90s optimism, one still reeling from the aftermath of 9/11, and one deep in the complexities of the modern world. This post isnβt a travel guide. Itβs a reflection. A look at how the city β and perhaps the world β has shifted across those years, through the lens of a visitor who kept coming back, trying to make sense of it all.
…BAUDI/O
BAUDI/O
This post is a bit lengthy and focuses more on the journey behind creating the device rather than the technical details. If you’re more interested in the technical specs, head over to Github to read the documentation and download the Gerbers to build one yourself. Hopefully, you’ll find the background story intriguing…
Background
My fascination with audio electronics began when I discovered the CMoy DIY headphone amplifier. The thrill of hearing music from something I built was incredible and addictive. Over the years, I crafted numerous power and headphone amplifiers, fueled by my passion for the audio and DIY audio subreddits. One project I always wanted to revisit was that first headphone amplifier, but with a twist: using SMD components to see how small I could make it. However, staring at the PCB, I realized how uninspiring it was and never printed it.
…Building against cutting edge avr-libc on Mac
Introduction
The new ATtiny chips feature enhanced performance parameters including up to 32 KB of flash memory and up to 2 KB of RAM. These microcontrollers operate at clock speeds up to 20 MHz and include support for the Universal Serial Interface, which allows for I2C, SPI, and UART configurations. Importantly, they feature improved 12-bit ADCs, 10-bit DACs for better analog performance, and the capability to operate at a voltage range of 1.8V to 5.5V, making them highly adaptable for various power supply conditions. Some models also include a built-in hardware multiplier, which facilitates faster calculations for control applications. Additionally, the new ATtiny series maintain compatibility with the AVR instruction set and can be programmed via UPDI for straightforward development and debugging.
…Sony Portable CD - The D-EJ2000 and EU Volume Limiting
Sony Portable CD - The D-EJ2000 and EU Volume Limiting
I bought a few years ago what is considered one of the best examples of Sony engineering - a D-EJ2000. Unfortunately, this model if you got it in the EU comes with a rather silly limiter on the output to stop us europeans going deaf.
This limits it by a factor of 10, to 0.6mw output compared to 6mw of output for the ’tourist’ version or the US version.
…ChatGPT & Shell Scripting
ChatAI - make me a shell script
One of the things I’ve always ended up doing is writing little shell scripts, or one liners, to do stuff, generally this requirement comes from some sort of needing to tickle of my rather extensive (1.4Tb currently) music library.
I recently got a new music player (A Zishan - now Zisan - Z5). It’s a pretty awesome DAP and does a lot more than the previous generation (the Zishan DSD with an AK9945 DAC), including much improved displaying of Album Art.
…OpenBSD bgpd
Setting up bgpd on OpenBSD (and dn42)
So this is the third part of the series, with the other two focusing on ospf and iked.
We’re using OpenBSD, and OpenBGPD which comes as part of the OS.
The aim of this was to hook up to DN42, a decentralised network which participants join and create wireguard tunnels to peers, and then exchange routes via BGP. It’s an awesome playground if you wanted to dip into learning BGP. Having 0 experience with BGP, I muddled my way through, so consider this - at best - a starting point for configuring BGP.
…Setting up ospf on OpenBSD
OpenBSD & ospfd
So, in a previous article we looked at setting up IPSec ikev2 tunnels between some nodes, all conncted via sec interfaces.
Now that we have connectivity, the next step is to distribute some routes. Let’s revisit our network diagram, with some IP ranges shown:
ββββββββββββββββ ββββββββββββββββ
β β β β
10.0.0.0/24β reachout β β outreach β 10.0.1.0/24
ββββββββ²ββββββββ ββββββββ²ββββββββ
sec0 β100.64.0.2 sec0 β 100.64.1.2
β β
β β
β β
β β
β β
β100.64.0.1 β100.64.1.1
sec0 β βββββββββββββββββ β sec1
βββββ€ ββββββ
β fw0 β
βββββββββxβΊβββ²ββββββββββ²βxβββββββββββββ
β β β β
β β β β
βββββββββββ΄βββ βββββββββ΄βββββ ββββ΄ββββββββββ ββββ΄ββββββββββ
βvlan100 β βvlan200 β βvlan210 β βvlan220 β
β172.16.100 β β172.16.200 β β172.16.210 β β172.16.220 β
ββββββββββββββ ββββββββββββββ ββββββββββββββ ββββββββββββββ
We could simply edit the route tables by hand to create connectivity between all of our hosts, but that soon starts to get messy and complicated - everytime you spring up a new network, you will have to run round and change the configuration on each of the boxes. Assuming you wanted to do that, the easiest way would be to add another line to our hostname.if files, like this:
…OpenBSD iked and sec interfaces
Setting up sec interfaces with iked
This article is mostly around how to get IKEv2 setup on OpenBSD. It took me a while, as I was ‘windmilling in’ and working on it without correctly sitting down and thinking what I wanted to achieve.
On OpenBSD, the iked daemon configures and handles all this stuff. It’s nice enough to generate you some rsa keys on startup, so that saves you a trip to the hell that is the openssl command.
…Using AWS KMS RSA keys with Golang!
Getting golang to talk to AWS/KMS RSA Keys
In short, there’s a few things to get done. To start with we need the Amazon C++ SDK to be able to provide the first layer. Then, we need a pkcs11 provider to talk to that SDK. After that, we need a golang library to be able to talk to that pkcs11 provider. π
Amazon Linux
Because I’m a sadist, I decided on using AWS Linux to make things as complicated as possible. To build stuff later on, you’ll need to yum install cmake3 package, as well as yum groupinstall "Development Tools".
Squeezing the last drops out of FTTP connections using OpenBSD
Packet Queuing with OpenBSD’s pf.
Two immediate links for you, one to Solene’s fantastic explanation of queueing, and another to the pf.conf manpage.
I’m on fibre now at home, which is rather fantastic. In the UK you pay for packages which are sometimes described as 100, 200, 250, 500 etc which indicates the download speed, but annoyingly, they still insist on asymmetric traffic flows, meaning your uplink is limited. As a result, in order to get the maximum download speeds you’ll find yet again, you need to do some traffic shaping.
…