More data, more data

Published on by Hunter Blanks.

"multas per gentes et multa per aequora" [1] The life of a request to CloudFlare begins and ends at the edge. But the afterlife! Like Catullus to Bithynia, the log generated by an HTTP request or a DNS query has much, much further to go. This post comes from CloudFlare's Data Team. It reports the state of processing these sort of edge logs, including what's worked…

Why we use the Linux kernel's TCP stack

Published on by Marek Majkowski.

A recent blog post posed the question Why do we use the Linux kernel's TCP stack?. It triggered a very interesting discussion on Hacker News. I've also thought about this question while working at CloudFlare. My experience mostly comes from working with thousands of production machines here and I can try to answer the question from that perspective. CC BY 2.0 image by John Vetterli Let's start…

HTTP/2 Server Push with multiple assets per Link header

Published on by John Graham-Cumming.

In April we announced that we had added experimental support for HTTP/2 Server Push to all CloudFlare web sites. We did this so that our customers could iterate on this new functionality. CC BY 2.0 image by https://www.flickr.com/photos/mryipyop/ Our implementation of Server Push made use of the HTTP Link header as detailed in W3C Preload Working Draft. We also showed how…

Economical With The Truth: Making DNSSEC Answers Cheap

Published on by Dani Grant.

We launched DNSSEC late last year and are already signing 56.9 billion DNS record sets per day. At this scale, we care a great deal about compute cost. One of the ways we save CPU cycles is our unique implementation of negative answers in DNSSEC. CC BY-SA 2.0 image by Chris Short I will briefly explain a few concepts you need to know about DNSSEC and…