WiFi, IPv6, WebP, CWE, QPACK

  • For the last time, tried to get Zyxel Wi-Fi to work with IPv6. No it won't work. It slows traffic down to absolute crawl. Extremely annoying, I've tried everything yet it won't work. If I use ANY OTHER WiFi bridge it works, but for some reason Zyxel just slows down the traffic. No, it doesn't block it completely. Just rate limits it to something extremely ridiculous. And as stated earlier, IF I use another Access Point, it works or if I move the SAME device to LAN it works, only WiFi (WLAN) sucks. Finally ended up configuring radvd so that it advertises the route only for specific devices. Now I can whitelist the devices which are on LAN with link-local addresses to be provided the gateway. All devices using WiFi will be left without IPv6 due to Zyxel speed issues. It's nice that link local address is of course different even for same device on LAN & WiFi.
  • Studied IPv6 Neighbor Unreachability Detection. And configured AdvReachableTime to reduce number of Neighbor Discovery Protocol (NDP) requests and solicitations. It was nice to notice, that setting this value immediately helped and drastically reduced the number of requests and responses. On fairly stable networks it seems that the default cache time can be considered quite short. Default value seems to be 60 seconds.
  • Updated latest GIMP with WebP support, now the format is starting to be useful because Firefox 65 also supports it.
  • WebP & Windows Photo Viewer - Did I mention that world is full of bad code and programs? After very quick initial testing, it became obvious that Windows Photo Viewer handles colors and contrast incorrectly with lossy and lossless WebP images. So much fail Microsoft, again. Firefox 65 and Google Chrome of course handle the images and colors correctly. Yet I'm waiting for AV1 image file format (AVIF).
  • Studied national security standards for symmetric, asymmetric, key-exchange and hash functions. Yet it basically contained nothing new, just a good reminder of stuff I already knew. Only interesting part was that the recommended ciphers where AES and Serpent. kw: Crypto Approval Authority (CAA)
  • Common Weakness Enumeration (CWE) @ Wikipedia and the official CWE site. So many totally normal issues to deal with, nothing new here either. Many programs are absolutely full of everything mentioned here.
  • QPACK header compression for HTTP/3 (draft / WIP). This QPACK and HTTP/3 adds tons of complexity to the HTTP protocol, which HTTP/2 already did. Probably leading to classic scenario, where there are just a few libraries, everyone's using, because it's just way too hard to get it implemented from scratch. Lot's of speculation and trade-offs. Maintaining complex state information, like the dynamic table, state synchronization, bidirectional communication between encoder and decoder, and so on. Required Insert Count data. Things like these, leave so much room for all kind of optimization tinkering. Non compressed header fields with literal names. - Well, it's good specification and technically very clear stuff and nothing new in terms of logic. - This also sets many requirements for the server software to be efficiently integrated to work with HTTP/3 and I'm not meaning the actual web server, I'm also meaning the business logic / server application actually serving the content. Also see: IETF QUIC WG
  • Studied National Security Risk Assessment documentation, which covers different threats to country, population and economy.
  • Nice article about China IPv6 adoption. Quite verbose article, to sum it up. IPv6 adoption has now started in China and will probably continue with accelerating pace.
  • Studied Akamai State of Internet 2018 final report (SOTI Volume 4 , Issue 5, End of 2018). Sorry, no direct link to the report, because it requires registration. Interesting 1.3 Terabit attack hit Akamai, that's quite big attack.