Building fast interpreters in Rust
March 04, 2019 4:00PM
In the previous post we described the Firewall Rules architecture and how the different components are integrated together. We created a configurable Rust library for writing and executing Wireshark®-like filters in different parts of our stack written in Go, Lua, C, C++ and JavaScript Workers....
Continue reading »
Fixing an old hack - why we are bumping the IPv6 MTU
September 10, 2018 10:21AM
IPv6
DNS
Reliability
Security
Anycast
Back in 2015 we deployed ECMP routing - Equal Cost Multi Path - within our datacenters. This technology allowed us to spread traffic heading to a single IP address across multiple physical servers....
Enable Private DNS with 1.1.1.1 on Android 9 Pie
August 16, 2018 4:01PM
1.1.1.1
Resolver
IPv6
DNS
TLS
Android 9 Pie includes a slew of new features around digital well-being and privacy. Here's how to use the new Private DNS feature with 1.1.1.1....
IPv6 in China
July 19, 2018 1:03AM
IPv6
China
At the end of 2017, Xinhua reported that there will be 200 Million IPv6 users inside Mainland China by the end of this year.. Halfway into the year, we’re seeing a rapid growth in IPv6 users and traffic originating from Mainland China....
eBPF, Sockets, Hop Distance and manually writing eBPF assembly
March 29, 2018 11:43AM
TTL
TCP
IPv4
IPv6
eBPF
A friend gave me an interesting task: extract IP TTL values from TCP connections established by a userspace program. This seemingly simple task quickly exploded into an epic Linux system programming hack....