Keep up to date with Cloudflare’s latest news. Subscribe to the Blog.
July 10, 2019 1:07PM
For some time I’ve wanted to play with coverage-guided fuzzing. I decided to have a go at the Linux Kernel netlink machinery. It's a good target: it's an obscure part of kernel, and it's relatively easy to automatically craft valid messages....
May 18, 2019 3:00PM
Recently at I gave a short talk titled "Linux at Cloudflare". The talk ended up being mostly about BPF. It seems, no matter the question - BPF is the answer. Here is a transcript of a slightly adjusted version of that talk....
March 15, 2019 5:01PM
Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates DNS ANY query type. DNS ANY was a "meta-query" - think about it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special....
February 18, 2019 1:13PM
Proper TCP socket splicing reduces the load on userspace processes and enables more efficient data forwarding. We realized that Linux Kernel's SOCKMAP infrastructure can be reused for this purpose....
January 04, 2019 11:02AM
The Linux AIO is designed for, well, Asynchronous disk IO! Disk files are not the same thing as network sockets! Is it even possible to use the Linux AIO API with network sockets in the first place? The answer turns out to be a strong YES!...
November 23, 2018 3:49PM
最近,在访问山景城的计算机历史博物馆的时,我深深地被过去的一些磁芯内存所吸引。我发现我完全不知道这些东西曾经是如何运作的。我想知道环是否旋转(它们没有),以及为什么每个环都有三根电线穿过(我仍然不明白它们是如何工作的)。更重要的是,我意识到我对现代计算机内存——动态RAM的工作方式知之甚少!...
November 23, 2018 3:49PM
Durante mi reciente visita al Computer History Museum (Museo de historia de los ordenadores) en Mountain View, me detuve a contemplar una antigua memoria de núcleos magnéticos....
November 23, 2018 3:49PM
Als ich kürzlich das Computer History Museum in Mountain View besuchte, stieß ich auf einen alten Magnetkernspeicher....
November 23, 2018 3:49PM
Lors de ma récente visite au musée de l'histoire de l'ordinateur de Mountain View, je me suis retrouvé devant une section d'une mémoire à tores magnétiques ....
November 23, 2018 3:49PM
I was particularly interested in one of the consequences of how dynamic RAM works. You see, each bit of data is stored by the charge (or lack of it) on a tiny capacitor within the RAM chip. But these capacitors gradually lose their charge over time....
November 12, 2018 11:27AM
It's been a while since we last wrote about Layer 3/4 DDoS attacks on this blog. This is a good news - we've been quietly handling the daily onslaught of DDoS attacks. Since our last write-up, a handful of interesting L3/4 attacks have happened. Let's review them....
September 27, 2018 2:38PM
在过去的几天里,我们观察到隐蔽的放大攻击向量的频次大幅增加,这些放大攻击使用了来自UDP端口11211 的memcached协议。之前我们已经谈论过很多关于互联网上放大攻击的话题。我们最近关于这个主题的两篇博文是:...
September 10, 2018 9:21AM
Back in 2015 we deployed ECMP routing - Equal Cost Multi Path - within our datacenters. This technology allowed us to spread traffic heading to a single IP address across multiple physical servers....
July 06, 2018 1:00PM
Internally our DDoS mitigation team is sometimes called "the packet droppers". When other teams build exciting products to do smart things with the traffic that passed through our network, we take joy in discovering novel ways of discarding it....
July 06, 2018 12:00PM
사내에서 DDoS 대응팀은 종종 "패킷 버리는 사람들"이라 불립니다. 다른 팀이 우리 네트워크를 통해 지나가는 트래픽으로 스마트한 일을 하며 신나할 때 우리는 그걸 버리는 여러가지 방법을 찾아가며 즐거워 합니다....
