Category Archives: alien

AND & Bitwise

A bitwise AND takes two binary representations of equal length and performs the logical AND operation on each pair of corresponding bits. The result in each position is 1 if the first bit is 1 and the second bit is 1; otherwise, the result is 0. In this, we perform the multiplication of two bits; i.e., 1 × 0 = 0 and 1 × 1 = 1. For example:
0101 (decimal 5)
AND 0011 (decimal 3)
= 0001 (decimal 1)
This may be used to determine whether a particular bit is set (1) or clear (0). For example, given a bit pattern 0011 (decimal 3), to determine whether the second bit is set we use a bitwise AND with a bit pattern containing 1 only in the second bit:
0011 (decimal 3)
AND 0010 (decimal 2)
= 0010 (decimal 2)
Because the result 0010 is non-zero, we know the second bit in the original pattern was set. This is often called bit masking. (By analogy, the use of masking tape covers, or masks, portions that should not be altered or portions that are not of interest. In this case, the 0 values mask the bits that are not of interest.)
If we store the result, this may be used to clear selected bits in a register. Given the example 0110 (decimal 6), the second bit may be cleared by using a bitwise AND with the pattern that has a zero only in the second bit:
0110 (decimal 6)
AND 1101 (decimal 13)
= 0100 (decimal 4)
Because of this property, it becomes easy to check the parity of a binary number by checking the value of the lowest valued bit. Using the example above:
0110 (decimal 6)
AND 0001 (decimal 1)
= 0000 (decimal 0)
Therefore 6 is divisible by two and even.


It is not enabled by OS, but by applicaiton level.  Failed to response KEEP ALIVE packet will result windows RST


A TCP keep-alive packet is simply an ACK with the sequence number set to one less than the current sequence number for the connection. A host receiving one of these ACKs will respond with an ACK for the current sequence number. Keep-alives can be used to verify that the computer at the remote end of a connection is still available. TCP keep-alives can be sent once every KeepAliveTime (defaults to 7,200,000 milliseconds or 2 hours), if no other data or higher-level keep-alives have been carried over the TCP connection. If there is no response to a keep-alive, it is repeated once every KeepAliveInterval seconds. KeepAliveInterval defaults to 1 second. NetBT connections, such as those used by many parts of the Microsoft networking functionality, send NetBIOS keep-alives more frequently, so usually no TCP keep-alives will be sent on a NetBIOS connection. TCP keep-alives are disabled by default, but Windows Sockets applications can use the SetSockOpt function to enable them.

How to view wireshark KEEP ALIVE and TCP window packet

Known TCP problem

The retransmission timeout is used to determine when a packet has
been dropped in the network.  When this timeout has expired
without the arrival of an ACK, the segment is retransmitted. Each
time a segment is retransmitted, the timeout is adjusted according
to an exponential backoff algorithm, doubling each time.  If a TCP
fails to receive an ACK after numerous attempts at retransmitting
the same segment, it terminates the connection.  A TCP that fails
to double its retransmission timeout upon repeated timeouts is
said to exhibit “Failure to back off retransmission timeout”.

Backing off the retransmission timer is a cornerstone of network
stability in the presence of congestion.  Consequently, this bug
can have severe adverse affects in congested networks.  It also
affects TCP reliability in congested networks, as discussed in the
next section.

It is possible for the network connection between two TCP peers to
become congested or to exhibit packet loss at the time that a
retransmission is sent on a connection.  If the retransmission
mechanism does not allow sufficient time before dropping


are hardcoded to 10 and could not be adjusted via the registry.

d) Some special considerations

=> Even if TCP KeepaliveTime and TCPKeepAliveInterval registry keys are set to a specific value (TCPIP driver uses the deafult values even if we don’t set these registry keys from the registry), TCPIP driver won’t start sending TCP Keepalives until Keepalives are enabled via various methods at upper layers (layers above TCPIP driver).

=> Native Socket applications can enable TCP keepalives by using anyone of the following methods:

– setsockopt() with SO_KEEPALIVE option – WSAIoctl() with SIO_KEEPALIVE_VALS option (it’s also possible to change Keepalive timers with this API call dynamically on a per-socket basis)


In Windows, as well as many other operating systems, TCP/IP Keep-Alive is not enabled by default. By enabling this, SQL Server can, in a timely manner, detect “orphaned connection” and free up valuable resource associated with each connection, including its session context, locks, kernel TCP buffers and etc., which sometime can become very expensive for a SQL Server running heavy transactions. The major drawbacks, among many others, are (1) Keep-Alive consumes bandwidth on a perfect idle connection; (2) It causes good connection to break during transient network failures. So configuring the keep-alive values too small is not recommended.

The following KB about orphaned connection/session for SQL Server 2000 shares valuable insight on how to configure Keep-Alive for named pipe connections.,

SKI Board/Shoes for newbie

Last year I had good time train Patrick SKI at St bruno,  he picked up quickly in 2 hours, and started building addict to ski at higher mountain.  this year we plan to expand it a bit.


1.  Season pass at Bromont, (why Bromont?  Higher, a little bit far, but  40 minutes driving acceptable for 4 hours plan.  have 5-6 beginer trail.)   20% discount when more than 4 tickets purchase at same time.

2. Goggles,   not really needed, but Patrick think it’s look so cool when saw it in Costco . 30$,  We bought it, later I astonished at sport expert shopping counter , the price range from 60$ to 300$.  I can’t really tell the difference. but happy for beginer like us have a Costco selling item. it looks fantastic.

3. SKI board and shoes:  Not going to buy it for 6 years boy, as he grow quickly. the length of ski board and shoe will soon not fit.   Renting price are around 90$, and some store have discount with group on

Policing Versus Shaping

Traffic policing propagates bursts. When the traffic rate reaches the configured maximum rate, excess traffic is dropped (or remarked). The result is an output rate that appears as a saw-tooth with crests and troughs. In contrast to policing, traffic shaping retains excess packets in a queue and then schedules the excess for later transmission over increments of time. The result of traffic shaping is a smoothed packet output rate.


he following table lists the differences between shaping and policing to help you choose the best solution.

Shaping Policing
Objective Buffer and queue excess packets above the committed rates. Drop (or remark) excess packets above the committed rates. Does not buffer.*
Token Refresh Rate Incremented at the start of a time interval. (Minimum number of intervals is required.) Continuous based on formula: 1 / committed information rate
Token Values Configured in bits per second. Configured in bytes.
Configuration Options
  • shape command in the modular quality of service command-line interface (MQC) to implement class-based shaping.
  • frame-relay traffic-shapecommand to implement Frame Relay Traffic Shaping (FRTS).
  • traffic-shapecommand to implement Generic Traffic Shaping (GTS).
  • police command in the MQC to implement class-based policing.
  • rate-limit command to implement committed access rate (CAR).
Applicable on Inbound No Yes
Applicable on Outbound Yes Yes
Bursts Controls bursts by smoothing the output rate over at least eight time intervals. Uses a leaky bucket to delay traffic, which achieves a smoothing effect. Propagates bursts. Does no smoothing.
Advantages Less likely to drop excess packets since excess packets are buffered. (Buffers packets up to the length of the queue. Drops may occur if excess traffic is sustained at high rates.) Typically avoids retransmissions due to dropped packets. Controls the output rate through packet drops. Avoids delays due to queuing.
Disadvantages Can introduce delay due to queuing, particularly deep queues. Drops excess packets (when configured), throttling TCP window sizes and reducing the overall output rate of affected traffic streams. Overly aggressive burst sizes may lead to excess packet drops and throttle the overall output rate, particularly with TCP-based flows.
Optional Packet Remarking No Yes (with legacy CAR feature).

ski ,bromont st bruno

st bruno

20 KM to south shore

Trail map

Vertical drop (134 m). Number of trails (15). Easy (5). Difficult (5). Very difficult (3). Extreme (2). Snow board facilities. Night time lighting (15). Snowmaking system (100 %). Iniski / Inisurf classes. Lifts (8). Triple  chairlifts (2). Quad  chairlifts (2). Surface lifts (4)

2013-10-25 0-21-24

bromont 80 km to south shore

trail map


2013-10-25 0-12-33



Ski Bromont  vertical drop 351m , longest run 1km