Hi, I'm Filippo and today I managed to surprise myself! (And not in a good way.) I'm developing a new module ("filter" as we call them) for RRDNS, CloudFlare's Go DNS server. It's a rewrite of the authoritative module, the one that adds the IP addresses to DNS
DNS parser, meet Go fuzzer
Here at CloudFlare we are heavy users of the github.com/miekg/dns Go DNS library and we make sure to contribute to its development as much as possible. Therefore when Dmitry Vyukov published go-fuzz and started to uncover tens of bugs in the Go standard library, our task was
A deep look at CVE-2015-5477 and how CloudFlare Virtual DNS customers are protected
Last week ISC published a patch for a critical remotely exploitable vulnerability in the BIND9 DNS server capable of causing a crash with a single packet. CC BY 2.0 image by Ralph Aversen The public summary tells us that a mistake in handling of queries for the TKEY type
Quick and dirty annotations for Go stack traces
CloudFlare’s DNS server, RRDNS, is entirely written in Go and typically runs tens of thousands goroutines. Since goroutines are cheap and Go I/O is blocking we run one goroutine per file descriptor we listen on and queue new packets for processing. CC BY-SA 2.0 image by wiredforlego
Setting Go variables from the outside
CloudFlare's DNS server, RRDNS, is written in Go and the DNS team used to generate a file called version.go in our Makefile. version.go looked something like this: // THIS FILE IS AUTOGENERATED BY THE MAKEFILE. DO NOT EDIT. // +build make package version var ( Version = "2015.6.2-6-gfd7e2d1-dev"