TCP - The Cloudflare Blog

Unbounded memory usage by TCP for receive buffers, and how we fixed it

May 25, 2023 4:31PM

We are constantly monitoring and optimizing the performance and resource utilization of our systems. Recently, we noticed that some of our TCP sessions were allocating more memory than expected. This blog post describes in detail the root cause of the problem and shows the test results of a solution...

Mike Freemon

Announcing connect() — a new API for creating TCP sockets from Cloudflare Workers

May 16, 2023 2:00PM

Developer Week Cloudflare Workers TCP sockets Database

Today, we are excited to announce a new API in Cloudflare Workers for creating outbound TCP sockets, making it possible to connect directly to databases and any TCP-based service from Workers...

When the window is not fully open, your TCP stack is doing more than you think

July 26, 2022 2:00PM

Linux TCP

In this blog post I'll share my journey deep into the Linux networking stack, trying to understand the memory and window management of the receiving side of a TCP connection...

Marek Majkowski

A July 4 technical reading list

July 04, 2022 1:55PM

Reading List Cloudflare Radar Linux TCP Hertzbleed

Here’s a short list of recent technical blog posts to give you something to read today...

John Graham-Cumming

Optimizing TCP for high WAN throughput while preserving low latency

July 01, 2022 2:00PM

Deep Dive TCP Latency Optimization

In this post, we describe how we modified the Linux kernel to optimize for both low latency and high throughput concurrently...

Mike Freemon

March 19, 2022 5:01PM

A Primer on Proxies

A technical dive into traditional TCP proxying over HTTP...

By

Lucas Pardue
, Christopher Wood

Deep Dive , TCP , Proxying , Research , iCloud Private Relay

March 18, 2022 1:00PM

Zero Trust client sessions

Starting today, you can build Zero Trust rules that require periodic authentication to control network access...

By

Kenny Johnson

Security Week , Zero Trust , Cloudflare Zero Trust , TCP , Security

February 02, 2022 9:53AM

How to stop running out of ephemeral ports and start to love long-lived connections

Often programmers have assumptions that turn out, to their surprise, to be invalid. From my experience this happens a lot. Every API, technology or system can be abused beyond its limits and break in a miserable way...

By

Marek Majkowski

Deep Dive , UDP , TCP , Linux , Networking

November 23, 2021 1:58PM

Announcing Argo for Spectrum

Announcing general availability of Argo for Spectrum, a way to turbo-charge any TCP based application....

By

Achiel van der Mandele

Argo Smart Routing , Spectrum , TCP , Performance

July 14, 2020 12:00PM

flowtrackd: DDoS Protection with Unidirectional TCP Flow Tracking

flowtrackd is a software-defined DDoS protection system that significantly improves our ability to automatically detect and mitigate even the most complex TCP-based DDoS attacks. If you are a Magic Transit customer, this feature will be enabled by default at no additional cost on July 29, 2020....

By

Omer Yoachimik

DDoS , Security , TCP , Magic Transit , Gatebot

April 06, 2020 12:00PM

Conntrack tales - one thousand and one flows

We were wondering - can we just enable Linux "conntrack"? How does it actually work? I volunteered to help the team understand the dark corners of the Linux's "conntrack" stateful firewall subsystem....

By

Marek Majkowski

Conntrack , Linux , Network , TCP

January 14, 2020 4:07PM

A cost-effective and extensible testbed for transport protocol development

At Cloudflare, we develop protocols at multiple layers of the network stack. In the past, we focused on HTTP/1.1, HTTP/2, and TLS 1.3. Now, we are working on QUIC and HTTP/3, which are still in IETF draft, but gaining a lot of interest....

By

Lohith Bellad
, Junho Choi

HTTP3 , QUIC , TLS 1.3 , TCP

January 08, 2020 5:08PM

Accelerating UDP packet transmission for QUIC

Significant work has gone into optimizing TCP, UDP hasn't received as much attention, putting QUIC at a disadvantage. Let's explore a few tricks that help mitigate this....

By

Alessandro Ghedini

QUIC , UDP , TCP , HTTP3

September 20, 2019 4:53PM

When TCP sockets refuse to die

We noticed something weird - the TCP sockets which we thought should have been closed - were lingering around. We realized we don't really understand when TCP sockets are supposed to time out! We naively thought enabling TCP keepalives would be enough... but it isn't!...

By

Marek Majkowski

SYN , TCP , Spectrum , Tech Talks