Subscription confirmed. Thank you for subscribing!
November 25, 2022 2:00PM
In this blog we'll discuss how we manage Cloudflare IP addresses used to retrieve the data from the Internet, how our egress network design has evolved, how we optimized it for best use of available IP space and introduce our soft-anycast technology...
July 26, 2022 2:00PM
在这篇博客文章中,我准备谈一谈自己钻研 Linux 网络堆栈的过程,在这期间,我认真学习了 TCP 连接接收端的内存和窗口管理...
July 26, 2022 2:00PM
在本篇部落格貼文中,我將與大家分享我深入 Linux 網路堆疊的旅程,試著去瞭解 TCP 連線接收端的記憶體及視窗管理情況...
July 26, 2022 2:00PM
In this blog post I'll share my journey deep into the Linux networking stack, trying to understand the memory and window management of the receiving side of a TCP connection...
February 02, 2022 9:53AM
Often programmers have assumptions that turn out, to their surprise, to be invalid. From my experience this happens a lot. Every API, technology or system can be abused beyond its limits and break in a miserable way...
November 25, 2021 5:27PM
Historically Cloudflare's core competency was operating an HTTP reverse proxy. We've spent significant effort optimizing traditional HTTP/1.1 and HTTP/2 servers running on top of TCP. Recently though, we started operating big scale stateful UDP services....
May 06, 2021 2:00PM
Is it ok to have if clauses that will basically never be run? Surely, there must be some performance cost to that......
December 18, 2020 12:00PM
Last year we deployed a CSAM image scanning tool. This is so cool! Image processing is always hard, and deploying a real image identification system at a Cloudflare scale is no small achievement! But we hit a problem - the matching algorithm was too slow for our needs....
June 18, 2020 12:56PM
My program received a SIGSEGV signal and crashed with "Segmentation Fault" message. Where does the "V" come from? Did I read it wrong? Was there a "Segmentation *V*ault?"? Or did Linux authors make a mistake? Shouldn't the signal be named SIGSEGF?...
April 06, 2020 12:00PM
We were wondering - can we just enable Linux "conntrack"? How does it actually work? I volunteered to help the team understand the dark corners of the Linux's "conntrack" stateful firewall subsystem....
March 02, 2020 1:00PM
Last month finally I had an opportunity to use Bloom filters. I became fascinated with the promise of this data structure, but I quickly realized it had some drawbacks. This blog post is the tale of my brief love affair with Bloom filters....
September 20, 2019 4:53PM
We noticed something weird - the TCP sockets which we thought should have been closed - were lingering around. We realized we don't really understand when TCP sockets are supposed to time out! We naively thought enabling TCP keepalives would be enough... but it isn't!...
September 20, 2019 4:53PM
在我们的Spectrum服务器上工作时,我们注意到了一些奇怪的现象:我们认为应该关闭了的TCP套接字一直在徘徊。我们意识到我们并不真正了解TCP套接字何时应该超时!...
September 20, 2019 4:53PM
닫혀 있어야 할 TCP 소켓이 계속 남아 있다는 이상한 점을 깨닫게 되었습니다. TCP 소켓이 언제 타임 아웃되는지 제대로 이해하고 있지 않았던 것입니다! TCP 킵얼라이브만 켜 두면 될 거라 생각했습니다만... 그렇지 않았습니다!...
July 10, 2019 2:07PM
For some time I’ve wanted to play with coverage-guided fuzzing. I decided to have a go at the Linux Kernel netlink machinery. It's a good target: it's an obscure part of kernel, and it's relatively easy to automatically craft valid messages....
May 18, 2019 4:00PM
最近,在布拉格Linux网络会议Netdev 0x13上,我做了一个简短的演讲,题目是“Cloudflare上的Linux”。演讲最后主要是关于BPF(柏克莱封包过滤器)的。似乎,不管问题是什么——BPF都是答案。...
May 18, 2019 4:00PM
Récemment à laNetdev 0x13, lors de la conférence sur les réseaux Linux à Prague, je suisbrièvement intervenu sur « Linux chez Cloudflare ». La discussion a surtout porté sur BPF. Il semble, peu importe la question, que la réponse soit BPF....
May 18, 2019 4:00PM
Recientemente, en Netdev 0x13, la conferencia sobre Redes en Linux en Praga, di una breve charla titulada “Linux en Cloudflare”. La charla terminó siendo casi en su totalidad sobre el BPF....
May 18, 2019 4:00PM
Recently at I gave a short talk titled "Linux at Cloudflare". The talk ended up being mostly about BPF. It seems, no matter the question - BPF is the answer. Here is a transcript of a slightly adjusted version of that talk....
May 18, 2019 2:00PM
Vor Kurzem hielt ich bei der Netdev 0x13 , der Konferenz über Linux-Netzwerke in Prag, einen kurzen Vortrag mit dem Titel „Linux bei Cloudflare“....
