I was working on a post about VirtualBox’s networking capabilities and how none of the modes provided for what I wanted out-of-the-box. But the tirade was interrupted by a simple thought: VirtualBox allows up to four virtual network cards per guest. I could simply configure a guest with two of them—one connected to NAT for reaching the outside world, and the other connected to host-only networking so I could reach it without having to set up port mapping rules. (Bridge mode is unsuitable because I want the machine to be externally invisible; also, the LAN is DHCP and I want the machine to have a static IP without involving anyone else.)
That turned out to work, by the way. The machine still has access to the Internet but also nmap against its static (host-only) IP can see all the open services at their native, unmapped ports.
In the moment I realized that a dual-card configuration would work, I was also struck by the amount of time I had spent coming up with a single-card solution to the external access problem… only to have it turn out to be the wrong problem to be solving. Or, since it wasn’t technically infeasible, a problem made over-complex by the accidental assumption of a single network.
This illuminates one of the main problems of programming: the tension between breadth and depth. To determine if a plan is technically feasible, one needs to dive deeply into all the details and try to fit the final product together in their mind. But, the feasibility alone is not a fitness function. One must avoid getting so lost in the details that this becomes the only approach visible, and actively “back out” to search for hidden assumptions and gratuitous decoupling.
As a younger programmer, I spent some happy hours working on database abstraction layers, and the projects never changed database. These were all in-house projects for in-house purposes where all available (and foreseeable) DBA knowledge was built on MySQL. Building systems that “could” be changed to other ANSI compliant systems was both irrelevant and unnecessarily limiting. I didn’t allow any MySQL specific optimizations, so that all queries could be represented faithfully on any DBMS.
However, the Serendipity weblog system can run on MySQL or Postgres and for them, it isn’t gratuitous. Their software is externally distributed and not every admin using the software will necessarily be either conversant with or favorable toward MySQL. Thus, Serendipity’s user base becomes larger if it has support for other engines. The same decoupling, but no longer gratuitous, and they probably implemented it better than me anyway.
When the VirtualBox Network Quest began, I made the assumption that I wanted one network, and because that assumption was invisible to me, I chased the details down to completion before spotting the alternative.
OTOH, thinking so deeply about it led to a couple of other interesting observations, but they'll have to wait for another post.
No comments:
Post a Comment