Coming from the scarcity of IPv4 it’s hard understand that it is OK to ‘waste’ addresses by using large prefix allocations in IPv6.
Linux 3.13 was just released. As always there are lots of interesting new features but two stand out to me: nftables and cls_bpf.
Nftables is the replacement for iptables. It offers a new syntax, looks easier to use and has a simpler kernel implementation through the use of a JITed BFP-like language instead of dedicated field matching code.
Cls_bpf is a new traffic classifier that makes use of BPF to match packets for traffic shaping purposes. This is made possible by the BPF JIT that was added to the kernel some time ago.
Additionally, the BPF JIT can now also be used as a security mechanism to filter which syscalls a given process can use.
The commonality to all of these is a small, simple, fast and flexible component in the kernel with the more complex details located in userspace – I really like this design pattern.
Good overview of HTTP/2 and the process within the IETF.
The idea of having the means of facilitating the exchange of bits without having a stake in the meaning is a transformational concept.
Search via vectors. Neat.