Yet again working on my network stack implementation, and just..
I do not enjoy that Layer 2 has to care about stuff from Layer 3
Or that Layer 3 and 4 are/can be entangled with each other,
instead of all of them being able to just work independent of every other layer
WEH
@k4m1 wdym with l2 caring about l3? packet snooping for building ARP/switching tables?
hugs
That's whole another can of worms,
this complaint was just provoked by remembering that EtherType field in Ethernet frame is used to indicate type of protocol that'll follow x-x
So 0800 for ipv4, 0806 for arp, and so forth
@erincandescent @k4m1 @alina the funny thing is that we designed systems to support a multitude of protocols. then we proceeded to only ever (commonly) use three of them (ARP, IPv4, IPv6)
but fear not! we designed IP to support a multitude of protocols too! and then we proceeded to only really use TCP and UDP. For an unwritten reason everything else has to match one of those now :))))
but fear not! we designed TCP/UDP to support a multitude of protocols too!!! and then we proceeded to block every port other than 80, 443 and 53, because everything is HTTP(S) or DNS now
but fear not! we designed^W slapped websockets on top of HTTP because THERE IS NO GOD
Was trying to write a clever and funny reply, or something, but the "AAA"s summarize it all perfectly 
@ity I wish everything was AAAA now, but way too many things are still A only. 😞
@alina @domi @erincandescent @k4m1
mumble.example.com IN AAAAAAA wss://sakamoto.example.com/mumble
@domi @erincandescent @k4m1 @alina there are two big workarounds for intermediaries in websockets:
the client sends a random value in the Sec-Websocket-Key header and the server responds with a Sec-WebSocket-Accept header with a value base64(sha1(key || hardcoded_thing)). This is to prevent caching proxies from sending back an existing websocket connection.
To prevent protocol confusion in TLS-stripping intermediaries (and maybe badly designed NICs if using unencrypted websockets), client to server frames must be masked. Frames contain a 32-bit random value which is xored with every word of the payload before sending.
@artemist @erincandescent @k4m1 @alina my favourite part about this god forsaken protocol is that they picked a static UUID to add as salt to a hash. it never changes, it’s in the RFC
@erincandescent @domi @k4m1 @alina I'm tired of knowing how the sausages is made 😭
Like it's really cool in a you probably shouldn't do that even if it'll work kind of way.
Oh had totally forgotten about this gem :D
Had the joy of having to work with this stunningly quic mess in distant past (x
@erincandescent @k4m1 @alina in an imaginary world it probably doesn’t need to be, that’s true. moreover, if you built automatic keepalive (pings) into the network stack itself, you’d solve most of the problems of its async nature, and then you’d truly only need one proto.
unfortunately…
This document describes how to proxy Ethernet frames in HTTP. This protocol is similar to IP proxying in HTTP, but for Layer 2 instead of Layer 3. More specifically, this document defines a protocol that allows an HTTP client to create Layer 2 Ethernet tunnel through an HTTP server to an attached physical or virtual Ethernet segment.
no! only bad network admins block outgoing ports “just because”!@a51c @erincandescent @k4m1 @alina while you’re not wrong, the root cause of this one is entirely different:
normal protocols become bespoke due to layers of compatibility hacks. DNS is like that to a point, but much more of it was sheer convenience. TXT is a dumping ground for everything, therefore so much software flocks to it for storing metadata. This didn’t obsolete any records, and there’s a vast diversity of Stuff that DNS is actually used for ^^
if you want a real kicker, check out the List of DNS record types on wikipedia. Half of those read like they were designed by a lunatic and would never ever work well in the real world.
@a51c @alina @erincandescent @k4m1 my favorites are as follows:
DNS infrastructure is a bespoke pile of interconnected "standards", and its management is often treated as an afterthought. With Project ...
@a51c @erincandescent @k4m1 @alina I’m hacking on more cursed DNS-adjacent things right now, which will be published in a future blogpost. equal magnitude of this hack or better ;3
not sure how fast i’ll finish the work, but it’s not unwise to expect it to be out sometime next week
@domi @erincandescent @k4m1 @alina @a51c I kinda like RP because sometimes you just need to get a hold of someone to fix something, but I understand why this might not be safe to be generally queryable. Accountability is easier at small scale and gets complicated in larger and federated systems
If there wasn't DNS, the fastest distributed nosql database in existence, there is an alternate reality where everything is a forest of LDAP service instead with per record and attribute access control.
@domi @erincandescent @k4m1 @alina @a51c hm they don't seem too bad (albeit it feels like all the fingerprint-in-DNS things should be one RR type with quite flexible subtypes)
and the fingerprint-in-DNS stuff only makes sense with DNSSEC, and if one can trust the TLD NIC and all the other intermediate ones, of course.
@domi @erincandescent @k4m1 @alina @arrjay This toot makes me angry, not because it's wrong, but because it's right. 😑
And to say "we" "commonly" use IPv6 is... charitable. 😒
@domi @erincandescent @k4m1 @alina the way IP networking was integrated into Unix in the first place is a weird bolt-on hack that doesn't integrate with the overall system design very well, eg a virtual filesystem in /dev would be more on-point than the BSD Sockets API, and there is a weird hand off between what's the job of the kernel and what's in user space that makes new protocols very hard to deploy.
There is probably a better way to do all of it that we'll never know because people are not omniscient, they didn't think of it at the time, and compatibility is more important than perfection
@domi @erincandescent @k4m1 @alina
It could be worse.
Imagine a world where HTTP was never invented and they managed to build everything on top of SMTP and port 25 instead...
(I'm reminded of the scene in "Miri" where they find the abandoned office building and start going through the old records...
SPOCK: Their technological development roughly matches that of your Earth up through the late 1980s when *something* went horribly, horribly wrong.
MCCOY [reading file]: What in God's name is HMTP?
CHILDREN'S VOICES [in the distance, singing]: Nyah, nyah, nyah, nyah nyah.
.
[...and no, I have no idea how they get out of this one...]
k4m1
dmi 💽 
alina🐾💖✨🏳️⚧️
Erin 💽✨
groff 🇺🇦
ity [unit X-69] - VIOLENT FUCK
Wilfried Klaebe
Stryder Notavi
Dec [{(
)}]
Wolf480pl
artemist
Sven
Eloy.
🌬️
Athena L.M.
The cat who walks thru walls
Σ(i³) = (Σi)²
Christian Huitema
George Jones
postie 📗
Patrys
always tired
📎 a51c
Raven667
Έλλεν Εμίλια Ά.ζ.
Andres
tempest
Jima 
Roger Crew✅❌☑🗸❎✖✓✔
The Secretbatcave