Mitigating a 754 Million PPS DDoS Attack Automatically
July 09, 2020 12:00PM
On June 20, Cloudflare automatically mitigated a highly volumetric DDoS attack that peaked above 754 million packets per second. The attack was part of an organized four day campaign starting on June 18 and ending on June 21....
Continue reading »
When TCP sockets refuse to die
September 20, 2019 4:53PM
We noticed something weird - the TCP sockets which we thought should have been closed - were lingering around. We realized we don't really understand when TCP sockets are supposed to time out! We naively thought enabling TCP keepalives would be enough... but it isn't!...
SYN packet handling in the wild
January 15, 2018 1:49PM
Here at Cloudflare, we have a lot of experience of operating servers on the wild Internet. But we are always improving our mastery of this black art. On this very blog we have touched on multiple dark corners of the Internet protocols: like understanding FIN-WAIT-2 or receive buffer tuning....
How the CloudFlare Team Got Into Bondage (It's Not What You Think)
April 08, 2013 8:18AM
At CloudFlare, we're always looking for ways to eliminate bottlenecks. We're only able to deal with the very large amount of traffic that we handle because we've built a network that can efficiently handle an extremely high volume of network requests....