November 03, 2021 2:37PM
The tale of a single register value
It’s not every day that you get to debug what may well be a packet of death. It was certainly the first time for me. What do I mean by “a packet of death”? A software bug where the network stack crashes in reaction to a single received network packet, taking down the whole operating system with it....
March 04, 2021 12:00PM
Conntrack turns a blind eye to dropped SYNs
We have been dealing with conntrack, the connection tracking layer in the Linux kernel, for years. And yet, despite the collected know-how, questions about its inner workings occasionally come up. When they do, it is hard to resist the temptation to go digging for answers....
October 12, 2019 2:00PM
It's crowded in here!
We recently gave a presentation on Programming socket lookup with BPF at the Linux Plumbers Conference 2019 in Lisbon, Portugal. This blog post is a recap of the problem statement and proposed solution we presented....
May 03, 2019 2:00PM
eBPF can't count?!
It is unlikely we can tell you anything new about the extended Berkeley Packet Filter, eBPF for short, if you've read all the great man pages, docs, guides, and some of our blogs out there. But we can tell you a war story, who doesn't like those?...