In the previous post we described the Firewall Rules architecture and how the different components are integrated together. We created a configurable Rust library for writing and executing Wireshark®-like filters in different parts of our stack written in Go, Lua, C, C++ and JavaScript Workers.
Fixing an old hack - why we are bumping the IPv6 MTU
Back in 2015 we deployed ECMP routing - Equal Cost Multi Path - within our datacenters. This technology allowed us to spread traffic heading to a single IP address across multiple physical servers.
Enable Private DNS with 1.1.1.1 on Android 9 Pie
Android 9 Pie includes a slew of new features around digital well-being and privacy. Here's how to use the new Private DNS feature with 1.1.1.1.
IPv6 in China
At the end of 2017, Xinhua reported that there will be 200 Million IPv6 users inside Mainland China by the end of this year.. Halfway into the year, we’re seeing a rapid growth in IPv6 users and traffic originating from Mainland China.
eBPF, Sockets, Hop Distance and manually writing eBPF assembly
A friend gave me an interesting task: extract IP TTL values from TCP connections established by a userspace program. This seemingly simple task quickly exploded into an epic Linux system programming hack.