Cloudflare Blog: Deep Dive

July 02, 2019 4:50PM

Cloudflare outage caused by bad software deploy (updated)

Starting at 1342 UTC today we experienced a global outage across our network that resulted in visitors to Cloudflare-proxied domains being shown 502 errors (“Bad Gateway”). The cause of this outage was deployment of a single misconfigured rule within the Cloudflare Web Application Firewall (WAF)...

John Graham-Cumming

June 26, 2019 11:22PM

The deep-dive into how Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Monday

RPKI BGP Deep Dive Post Mortem

On Monday we wrote about a painful Internet wide route leak. We wrote that this should never have happened because Verizon should never have forwarded those routes to the rest of the Internet. Today we will dive into the archived routing data and analyze it....

Martin J Levy

June 20, 2019 2:02PM

The Quantum Menace

Crypto Week Crypto Research Cryptography Security Product News Deep Dive Post-Quantum

The impact of quantum computing on cryptography conducts research and development towards a Post-Quantum era....

Armando Faz-Hernández

June 20, 2019 2:01PM

Towards Post-Quantum Cryptography in TLS

Crypto Week Crypto Cryptography Security Product News TLS Deep Dive

In anticipation of wide-spread quantum computing, the transition from classical public-key cryptography primitives to post-quantum (PQ) alternatives has started....

Kris Kwiatkowski

April 17, 2018 11:11PM

mmproxy - Creative Linux routing to preserve client IP addresses in L7 proxies

Linux Tech Talks Reliability Spectrum Product News Security Deep Dive

In previous blog post we discussed how we use the TPROXY iptables module to power Cloudflare Spectrum. With TPROXY we solved a major technical issue on the server side, and we thought we might find another use for it on the client side of our product....

Marek Majkowski

February 20, 2018 7:49PM

Using Go as a scripting language in Linux

At Cloudflare we like Go. We use it in many in-house software projects as well as parts of bigger pipeline systems. But can we take Go to the next level and use it as a scripting language for our favourite operating system, Linux?...

By

Ignat Korchagin

Linux , Go , Tech Talks , Developers , Programming

October 23, 2015 3:24PM

Results of experimenting with Brotli for dynamic web content

Compression is one of the most important tools CloudFlare has to accelerate website performance. Compressed content takes less time to transfer, and consequently reduces load times....

By

Vlad Krasnov

Compression , Tech Talks , Optimization , Speed & Reliability , Deep Dive

October 09, 2015 11:26AM

Single RX queue kernel bypass in Netmap for high packet rate networking

In a previous post we discussed the performance limitations of the Linux kernel network stack. We detailed the available kernel bypass techniques allowing user space programs to receive packets with high throughput....

By

Gilberto Bertin

Tech Talks , Open Source , Programming , Deep Dive

June 16, 2015 2:47PM

How to receive a million packets per second

Last week during a casual conversation I overheard a colleague saying: "The Linux network stack is slow! You can't expect it to do more than 50 thousand packets per second per core!"...

By

Marek Majkowski

Linux , Tech Talks , Deep Dive

July 11, 2014 2:00PM

Courage to change things

This was an internal email that I sent to the CloudFlare team about how we are not afraid to throw away old code. We thought it was worth sharing with a wider audience....

By

John Graham-Cumming

Speed & Reliability , Tech Talks , Life @ Cloudflare , Deep Dive

February 13, 2014 1:00AM

Technical Details Behind a 400Gbps NTP Amplification DDoS Attack

On Monday we mitigated a large DDoS that targeted one of our customers. The attack peaked just shy of 400Gbps. We've seen a handful of other attacks at this scale, but this is the largest attack we've seen that uses NTP amplification....

By

Matthew Prince

NTP , Attacks , Tech Talks , Reliability , DDoS

January 21, 2014 4:00PM

Protect Your Sites With Rapidly Deployed WAF Rules

An attack on your site could be catastrophic. Even a small attack can have major implications. Responding quickly to an attack is imperative....

By

John Graham-Cumming

WAF Rules , Tech Talks , WAF , Deep Dive

December 22, 2013 5:00PM

Keeping our open source promise

Back in October I wrote a blog post about CloudFlare and open source software titled CloudFlare And Open Source Software: A Two-Way Street which detailed the many ways in which we use and support open source software....

By

John Graham-Cumming

OpenSSL , Open Source , LUA , Developers , Deep Dive

December 06, 2012 9:19AM

Efficiently compressing dynamically generated web content

With the widespread adoption of high bandwidth Internet connections in the home, offices and on mobile devices, limitations in available bandwidth to download web pages have largely been eliminated....

By

John Graham-Cumming

Tech Talks , Speed & Reliability , Compression , Cache , Deep Dive