Review of iPad Air 5 (2022)

I have owned a iPad Air 3 for three years. I used it for reading and watching videos. Apple announced a new iPad Air 5 equipped with M1 SoC a month ago. 

This is a specs comparison between iPad Air 3, 4 and 5.

I received my order of iPad Air 5 last week. Here is my take on iPad Air 5.

Good

• USB Type-C port with DisplayPort mode. This is the biggest motivation for me to upgrade.
• Touch ID.
• Powerful M1 SoC.
• Larger 8GB RAM. (iPad Air 3 has 3GB)
  
• Speakers on both sides.
• Ultrawide front camera.
• Rear camera capable of 4k60p video recording. Although I never will record video with an iPad.
  
• WiFi 6.
  

Bad

• Lower battery capacity.
• No 3.5mm jack.
• The rear surface is not flat due to the protruding camera lens.
  
• No home button. I find the gesture error prone. So I turned on assistive touch.
  
• The fingerprint sensor is on the edge, which is difficult to access with one hand while the tablet is on a flat surface.
• The fingerprint sensor is placed on the lock button. I often press the button while trying to unlock.
  
• The edge is sharp and uncomfortable to hold. While iPad Air 3 has a smooth edge.
  

I wish Apple could build an iPad which has the best of both:

• USB-C port
• M1 SoC
• 8GB RAM
  
• Home button with fingerprint sensor
• Flat bottom (I don't care about rear camera specs.)
• Smooth edge
  

I also considered the iPad Air 4 which is $100 cheaper than 5. But it does not have M1 SoC or 8GB RAM. So I bought the 5.

NAT64 (RFC 6146) and DNS64 (RFC6147) on OpenWrt 21.02

Tested on OpenWrt 21.02.02 on Linksys EA8300.

 

NAT64

opkg update && opkg install kmod-jool jool-tools

Add the following to /etc/rc.local

insmod jool_common
insmod jool
jool instance add --netfilter --pool6 64:ff9b::/96

DNS64

Add the following to the LAN's dhcp section in /etc/config/dhcp

    list dns '2001:4860:4860::6464'
    list dns '2001:4860:4860::64'

References

• https://www.jool.mx/en/cheat-sheet.html
• https://developers.google.com/speed/public-dns/docs/dns64
  

Fixing AT&T fiber's connectivity to China on OpenWrt

Note: AT&T fiber's IPv6 and IPv4 connectivity to China was restored as of Jan 2023. So the workaround below is unnecessary.

I switched to AT&T fiber last month and then found out that I could not open douban.com anymore. Some web search led me to https://www.reddit.com/r/ATT/comments/mbutte/is_att_blocking_china_internet_backbones/

So basically AT&T fiber has connectivity issue with IPv4 addresses in China. And they are unwilling to admit it or fix it. So I had three options,

1. Switch back to Comcast.
   
2. Install VPN on my devices and turn on VPN when I want to visit Chinese websites.
3. Connect my router to a VPN and change its routing table to use the VPN for IPv4 addresses in China.

Option 1 is not preferred because Comcast's cable network has abysmal upload speed. Option 2 is feasible but requires VPN on my laptop, phone, and tablet. So I chose option 3.

Although AT&T fiber does not allow customers to bring their own router, the AT&T router supports IPv6 prefix delegation and IPv4 port forwarding. So I installed a OpenWRT router behind the AT&T one.

I configured wireguard on OpenWRT to connect to a VPS. Then I downloaded a list of IP net blocks in China from ip2location. I wrote a script to convert the list to a big OpenWRT static route config file and appended it to /etc/config/network. Then I executed service network reload. However, the command hung. It seemed OpenWrt could not handle 7000+ static routes. So I gave up on this option.

Eventually I worked out a solution using ipset, iptables, and shadowsocks.

1) Install shadowsocks on the VPS and configure it to run as a server.

2) Install shadowsocks-libev on OpenWrt and configure it to run ss-redir on port 2333.

3) Install ipset on OpenWrt.

4) On OpenWrt, create a file at /root/ipset.conf with following contents,

create china hash:net family inet hashsize 2048 maxelem 65536

add china 223.223.192.0/20

add china 47.89.54.0/23

repeat the "add china" pattern for all ip blocks in China.

5) On OpenWrt, append the following to /etc/firewall.user. This will instruct iptables to redirect all TCP connections to China to the ss-redir port.

ipset restore < /root/ipset.conf
iptables -t nat -A prerouting_lan_rule -p tcp -m set --match-set china dst -j REDIRECT --to-port 2333

6) Run service firewall restart on OpenWrt. (Or simply reboot OpenWrt)

7) Visit https://www.123cha.com. It should display the IP of the VPS.

Setting up 802.11s mesh on OpenWRT 21.02 routers

Update: I ran iperf3 on both 802.11s and WDS modes. 802.11s got about 150Mbps, while WDS had more than 200 Mbps. I reverted my setup to WDS.

I have two routers, Linksys EA7300v2 and Lenovo Y1, both running OpenWrt. I use WDS between them to build a wireless bridge. Recently I learned that WDS is deprecated and 802.11s is the replacement.

Here are steps to create a 802.11s mesh on OpenWrt 21.02,

1) Run command iw list | grep "Supported interface modes" -A 9 and check if the output contains "mesh point". If it does not, then the wireless driver does not support 802.11s.

2) Opkg remove the wpad-basic-wolfssl package and then install wpad-wolfssl. Because the former does not support mesh.

3) Reboot the device.

3) Append the following config to both devices' /etc/config/wireless file,

config wifi-iface '{set_a_name}'
    option device '{set_accordingly}'
    option mode 'mesh'
    option mesh_fwding '1'
    option mesh_rssi_threshold '0'
    option network 'lan'
    option mesh_id '{set_the_same_id}'
    option encryption 'sae'
    option key '{set_the_same_key}'
    option ifname 'wlan-mesh'

4) Run wifi reload.

5) Wait a few seconds and run iw dev wlan-mesh station dump. If the output is not empty, then the mesh setup is successful.

6) If the output is empty after a few minutes, run logread and see if there are any errors. I found that the EA7300 would fail to start the mesh if I set the channel to auto or a DFS channel. But the Lenovo Y1 does not have this problem. So I manually set the radios on both devices to channel 48 and it worked after wifi reload. 

References

• https://openwrt.org/docs/guide-user/network/wifi/mesh/80211s
• https://www.cwnp.com/wp-content/uploads/pdf/802.11s_mesh_networking_v1.0.pdf
• https://www.simianer.de/blog/home-wifi-setup-with-802.11s-meshing-and-802.11r-roaming
  

Reasons to avoid cable modem router combos

I recently upgraded my Comcast Internet connection to 600Mbps. But my old cable modem only supports 160Mbps. So I bought a used Netgear C7000v2 router modem combo to replace both my old modem and router. I hoped that it would make my room more tidy.

The router combo's specs is not bad. It supports DOCSIS 3.0 and WiFi 5. The setup was very smooth. And a speed test yielded more than 300Mbps.

However, I found many limitations of the modem router combo in the first two weeks with it.

• Only the ISP may upgrade the firmware. And ISP can push new firmwares without user consent. This implies that ISP might have full control over the router. A friend's Netgear CAX80 got bricked overnight likely due to an ISP initiated firmware update.
  
• The guest WiFi does not hand out IPv6 addresses.
• Does not support DNS over TLS or HTTPS.
• No support for WPA3.
  
• The management web page is sluggish and lacks many options (intentionally?). I was not able to
• Disable WiFi Protected Setup completely
  
• Change WiFi channel bandwidth (it always uses 80MHz on the 5G band)
  
• Turn off 2.4G band radio

Fortunately, the router combo has a bridge mode, which makes it a standalone cable modem. So I turned on the bridge mode and reconnected my old router.

So my conclusion is, if you are a tech-savvy person, you are not likely to be happy with a router modem combo. But if you do not know WPA3, IPv6, DNS, or wireless channel bandwidth, a router modem may be a good choice.

Kobo Libra 2 Review

I bought a Kobo Libra 2 last week for $180. Here is my review of it.

Libra 2 has these upgrades over Libra H2O

1. USB-C port
2. More even front light (at least compared with my Libra H2O)
3. Slightly sharper display
   
4. 4x larger internal storage
   
5. Support for audio books via Bluetooth
   
6. More ergonomic edge and buttons

However, Libra 2 is about 20 grams heavier than Libra H2O. I think it is possibly due to the extra hardware for Bluetooth. In addition, Libra 2 still does not have Dropbox integration. You have to buy a Forma or Elipsa for Dropbox.

Thinkpad X13 Gen 2 AMD review

I purchased a Thinkpad X13 Gen 2 laptop with AMD Ryzen 5 Pro 5650U CPU and 16 GB RAM. The part number is 20XH002MUS. Here is a short review.

Good

• 16:10 screen
• 6 core CPU provides decent power
  
• user replaceable SSD
• user replaceable WiFi card
• Fingerprint sensor has Linux driver
• Preloaded with Windows 10 Pro (not home). Although I would immediately install Linux.
  

Bad

• The screen is dim (300 nit brightness) 
• Key travel is even shorter than X1 carbon 8th gen.
  
• The two USB-C ports do not support Thunderbolt.
• RT8852AE WiFi card has no mainline Linux support. Fortunately it is not soldered. So I replaced it with a AX210.
• The heat sink exhaust is on the right side, which is inconvenient for right handed people.