cloudflare News - CNX Software - Embedded Systems News

January 6, 2020April 15, 2023 by Jean-Luc Aufranc (CNXSoft) - 13 Comments

GL.iNet Slate OpenWrt Travel Router Supports Tor, Wireguard VPN, and Cloudflare DNS over HTTPS/TLS

A couple of months ago, we wrote about GL.iNet Mudi portable WiFi router with built-in 4G LTE connectivity and supporting features such as the Tor Project, up to 25 VPN providers, and Cloudflare DNS over HTTPS or TLS. Mudi was launched on Kickstarter and should start shipping very soon, but I was informed about another OpenWrt travel router from the company with GL.iNet Slate also supporting many of the same features, but doing away with built-in cellular connectivity and battery. GL.iNet Slate (GL-AR750S-Ext) router specifications: SoC – Qualcomm QCA9563 MIPS 74Kc processor @ 775MHz System Memory – 128MB DDR2 Storage – Dual Flash 16MB NOR + 128MB NAND, MicroSD card slot up to 128GB Networking Ethernet 1x Gigabit Ethernet WAN 2x Gigabit Ethernet LAN WiFi Dual-band 802.11 b/g/n/ac WiFi 5 with transmission rates up to 300Mbps (2.4GHz) + 433Mbps (5GHz) 2x 2dBi external antennas 3G/4G – Optional via cellular USB […]

April 14, 2018April 14, 2018 by Jean-Luc Aufranc (CNXSoft) - 7 Comments

Optimizing JPEG Transformations on Qualcomm Centriq Arm Servers with NEON Instructions

Arm servers are already deployed in some datacenters, but they are pretty new compared to their Intel counterparts, so at this stage software may not always be optimized as well on Arm as on Intel. Vlad Krasnow working for Cloudflare found one of those unoptimized cases when testing out Jpegtran – a utility performing lossless transformation of JPEG files – on one of their Xeon Silver 4116 Server:

vlad@xeon:~$ time  ./jpegtran -outfile /dev/null -progressive -optimise -copy none test.jpg

real    0m2.305s
user    0m2.059s
sys     0m0.252s

vlad@xeon:~$ time ./jpegtran -outfile /dev/null -progressive -optimise -copy none test.jpg

real 0m2.305s

user 0m2.059s

sys 0m0.252s

and comparing it to one based on Qualcomm Centriq 2400 Arm SoC:

vlad@arm:~$ time ./jpegtran -outfile /dev/null -progressive -optimise -copy none test.jpg

real    0m8.654s
user    0m8.433s
sys     0m0.225s

vlad@arm:~$ time ./jpegtran -outfile /dev/null -progressive -optimise -copy none test.jpg

real 0m8.654s

user 0m8.433s

sys 0m0.225s

Nearly four times slower on a single core. Not so good, as the company aims for at least 50% of the performance since the Arm processor has double the number of cores. Vlad did some optimization on The Intel processor using SSE instructions before, so he decided to look into optimization the Arm code with NEON instructions instead. First step was to check which functions may slowdown the […]

April 2, 2018April 7, 2018 by Jean-Luc Aufranc (CNXSoft) - 15 Comments

Cloudflare Introduces 1.1.1.1 Privacy-focused DNS Service with DNS over HTTPS and DNS over TLS Support

The web is becoming more secure as more and more websites leverage HTTPS, which also improves privacy since the only nodes that know which exact page you are accessing should be your computer/device and the server running the website. If you’re using a search engine, they will also know and potentially get track of your history depending on your favorite search engine. One thing that’s still often unencrypted are DNS requests which convert a website name into an IP address. The servers are also often provided by your ISP, so they may not know which exact page you’ve accessed, but they can still keep track of the websites you’ve visited. Depending where you live, your government may also block DNS servers in your country during “periods of unstability”, so third-party DNS services can be useful. For example, using 8.8.8.8 or 8.8.8.4 from Google, and now 1.1.1.1 or 1.0.0.1 from Cloudflare, […]

December 28, 2017 by Jean-Luc Aufranc (CNXSoft) - 7 Comments

Help Testing TLS 1.3 Compatibility for a More Efficient & Secure Internet

Transport Layer Security (TLS) is the protocol that allows for secure websites (via https), and currently, TLS 1.2 is the version most commonly used today, with 1.0 and 1.1 still supported by many servers for backward compatibility with older browsers, including the one running this blog. TLS 1.3 is the next version, already supported in libraries and server software such as wolfSSL or nginx, and promises to be more efficient – important for battery operated devices (IoT) – thanks to features like zero-RTT (0-RTT) mode, speedy with a restructured handshake state machine, and more secure. However, changes in security protocol may mess up connection with some browsers or middleboxes, as I experience when I enabled https on CNX Software using Let’s Encrypt with nginx and Cloudflare, with around 0.5% of users losing access due to using older web browsers and operating systems such as Internet Explorer on Windows XP. According […]

August 22, 2017December 28, 2017 by Jean-Luc Aufranc (CNXSoft) - 34 Comments

Installing Let’s Encrypt Free SSL/TLS Certificate in 2 Minutes with Certbot, Spending Hours Making it Work with Cloudflare

I’ve been using an SSL certificate to the download subdomain of this blog running ownCloud for about 2 years, but recently my free StartSSL certificate expired, and I had troubles to renew it, and I also received an email from Google telling me that “Starting October 2017, Chrome (version 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode”. So I decide to use free LetsEncrypt SSL/TLS certificates to replace the one in the download subdomain, as well as this main blog. Such SSL/TLS certificates are also very useful for the IoT gateways many of use have started using, and I found it’s even simpler than install a self-signed certificate, so there’s no reason to use those anymore. The easiest way to install Let’s Encrypt certificate is by using Certbot with instructions for various […]

June 24, 2012February 3, 2013 by Jean-Luc Aufranc (CNXSoft) - 1 Comment

Migrating a WordPress Blog from Apache2 to Nginx

This blog is hosted on a Linode VPS with 512 MB RAM and running Ubuntu 11.10. Up until today, Apache2 was the web server, and it worked fine except sometimes, it reached connection and memory limits, and the blog would go offline for a short period of time, especially right after a new blog post. So this week-end, I decided to switch to nginx (pronounced engine-x) web server which is said to use less memory than Apache2. Let me know if something suddenly stopped working… nginx is a relatively recent web server, and the documentation on the web seems to become outdated pretty fast, so I’ve decided to document what I’ve done. The first thing I would recommend is to try it in your own local server first, and make sure most things are working including plugins. Testing your WordPress blog with nginx in a local server I run Ubuntu […]