September 20, 2019 3:53PM
We noticed something weird - the TCP sockets which we thought should have been closed - were lingering around. We realized we don't really understand when TCP sockets are supposed to time out! We naively thought enabling TCP keepalives would be enough... but it isn't!...
September 20, 2019 3:53PM
닫혀 있어야 할 TCP 소켓이 계속 남아 있다는 이상한 점을 깨닫게 되었습니다. TCP 소켓이 언제 타임 아웃되는지 제대로 이해하고 있지 않았던 것입니다! TCP 킵얼라이브만 켜 두면 될 거라 생각했습니다만... 그렇지 않았습니다!...
July 10, 2019 1:07PM
For some time I’ve wanted to play with coverage-guided fuzzing. I decided to have a go at the Linux Kernel netlink machinery. It's a good target: it's an obscure part of kernel, and it's relatively easy to automatically craft valid messages....
July 06, 2019 1:00PM
En interne, notre équipe d’atténuation des attaques DDoS est parfois appelée « les supprimeurs de paquets ». Tandis que d’autres équipes créent des produits passionnants permettant de gérer intelligemment le trafic transitant par notre...
July 06, 2019 1:00PM
Intern wird unser DDoS-Abwehrteam manchmal „the packet droppers“ („die Paketverwerfer“) genannt. Während andere Teams aufregende Produkte entwickeln, um intelligente Dinge mit dem Datenverkehr zu tun...
July 06, 2019 1:00PM
A veces, a nivel interno, a nuestro equipo de mitigación de DDoS se lo llama “packet droppers” (eliminadores de paquetes). Cuando otros equipos desarrollan productos interesantes para hacer cosas inteligentes con el tráfico que pasa a través de nuestra red,...
May 18, 2019 3:00PM
Recientemente, en Netdev 0x13, la conferencia sobre Redes en Linux en Praga, di una breve charla titulada “Linux en Cloudflare”. La charla terminó siendo casi en su totalidad sobre el BPF....
May 18, 2019 3:00PM
Récemment à laNetdev 0x13, lors de la conférence sur les réseaux Linux à Prague, je suisbrièvement intervenu sur « Linux chez Cloudflare ». La discussion a surtout porté sur BPF. Il semble, peu importe la question, que la réponse soit BPF....
May 18, 2019 3:00PM
Recently at I gave a short talk titled "Linux at Cloudflare". The talk ended up being mostly about BPF. It seems, no matter the question - BPF is the answer. Here is a transcript of a slightly adjusted version of that talk....
May 18, 2019 1:00PM
Vor Kurzem hielt ich bei der Netdev 0x13 , der Konferenz über Linux-Netzwerke in Prag, einen kurzen Vortrag mit dem Titel „Linux bei Cloudflare“....
March 15, 2019 5:01PM
Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates DNS ANY query type. DNS ANY was a "meta-query" - think about it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special....
February 18, 2019 1:13PM
Proper TCP socket splicing reduces the load on userspace processes and enables more efficient data forwarding. We realized that Linux Kernel's SOCKMAP infrastructure can be reused for this purpose....
January 04, 2019 11:02AM
The Linux AIO is designed for, well, Asynchronous disk IO! Disk files are not the same thing as network sockets! Is it even possible to use the Linux AIO API with network sockets in the first place? The answer turns out to be a strong YES!...
November 23, 2018 3:49PM
最近,在访问山景城的计算机历史博物馆的时,我深深地被过去的一些磁芯内存所吸引。我发现我完全不知道这些东西曾经是如何运作的。我想知道环是否旋转(它们没有),以及为什么每个环都有三根电线穿过(我仍然不明白它们是如何工作的)。更重要的是,我意识到我对现代计算机内存——动态RAM的工作方式知之甚少!...
November 23, 2018 3:49PM
Durante mi reciente visita al Computer History Museum (Museo de historia de los ordenadores) en Mountain View, me detuve a contemplar una antigua memoria de núcleos magnéticos....
