Mobile Ad Networks as DDoS Vectors: A Case Study
September 25, 2015 4:01 PM
CloudFlare servers are constantly being targeted by DDoS'es. We see everything from attempted DNS reflection attacks to L7 HTTP floods involving large botnets....
DNS parser, meet Go fuzzer
August 06, 2015 1:40 PM
Here at CloudFlare we are heavy users of the github.com/miekg/dns Go DNS library and we make sure to contribute to its development as much as possible. Therefore when Dmitry Vyukov published go-fuzz and started to uncover tens of bugs in the Go standard library, our task was clear....
A deep look at CVE-2015-5477 and how CloudFlare Virtual DNS customers are protected
August 04, 2015 10:36 AM
Last week ISC published a patch for a critical remotely exploitable vulnerability in the BIND9 DNS server capable of causing a crash with a single packet. ...
Quick and dirty annotations for Go stack traces
August 03, 2015 11:26 AM
CloudFlare’s DNS server, RRDNS, is entirely written in Go and typically runs tens of thousands goroutines. Since goroutines are cheap and Go I/O is blocking we run one goroutine per file descriptor we listen on and queue new packets for processing....
The Internet is a cooperative system: CNAME to Dyn DNS outage of 6 July 2015
July 06, 2015 9:30 PM
Today, shortly after 21:00 UTC, on our internal operations chat there was a scary message from one of our senior support staff: "getting DNS resolution errors on support.cloudflare.com", at the same time as automated monitoring indicated a problem....
MORE POSTS
June 24, 2015 4:40 PM
Check out these brand new videos on how to optimize CloudFlare
Someone once said that the best things in life are free and I can’t agree more. I want to draw the attention of the CloudFlare community to a great resource that helps maximize the value of our product. ...
- By
June 18, 2015 11:14 AM
Go has a debugger—and it's awesome!
Something that often, uh... bugs Go developers is the lack of a proper debugger. Builds are ridiculously fast and easy, but sometimes it would be nice to just set a breakpoint and step through that endless if chain or print a bunch of values without recompiling ten times....
- By
March 10, 2015 12:59 PM
Announcing Virtual DNS: DDoS Mitigation and Global Distribution for DNS Traffic
It’s 9am and CloudFlare has already mitigated three billion malicious requests for our customers today. Six out of every one hundred requests we see are malicious, and increasingly, more of those bad requests are targeting DNS nameservers. ...
- By
March 06, 2015 2:33 PM
Deprecating the DNS ANY meta-query type
DNS, one of the oldest technologies running the Internet, keeps evolving. There is a constant stream of new developments, from DNSSEC, through DNS-over-TLS, to a plentiful supply of fresh EDNS extensions....
- By
February 05, 2015 6:48 PM
Updating the DNS Registration Model to Keep Pace with Today’s Internet.
CloudFlare is, arguably, the largest third-party DNS Authoritative operator in the world. We manage well over 1 million domains and have registrations in almost every TLD open for registrations....
- By
January 29, 2015 8:10 PM
DNSSEC Done Right
I’ve been working on DNSSEC evolution for a long time as implementor, IETF working group chair, protocol experimenter, DNS operator, consultant, and evangelist. ...
- By
November 05, 2014 2:25 PM
DNSSEC: Complexities and Considerations
DNSSEC is an extension to DNS: it provides a system of trust for DNS records. In this post we examine some of the complications of DNSSEC, and what CloudFlare plans to do to reduce any negative impact they might have. ...
- By
October 07, 2014 10:39 AM
DNSSEC: An Introduction
At CloudFlare our mission is to help build a better Internet. Part of this effort includes making web sites faster, more reliable, and more trustworthy....
- By
August 19, 2014 4:32 AM
CloudFlare hiring Go programmers in London and San Francisco
Are you familiar with the Go programming language and looking for a job in San Francisco or London? Then think about applying to CloudFlare. We're looking for people with experience writing Go in both locations....
- By
July 02, 2014 12:14 AM
Making code better with reviews
In the past we've written about how CloudFlare isn't afraid to rip out and replace chunks of code that have proved to be hard to maintain or have simply reach end of life. ...
- By
June 13, 2014 5:40 AM
New .uk domains now supported
On the 10th of June, the UK domain registry Nominet made available second-level domain namespace to the public, allowing anyone to register a domain ending with simply .uk...
- By
April 03, 2014 12:34 AM
Introducing CNAME Flattening: RFC-Compliant CNAMEs at a Domain's Root
This post is about a new feature we've been quietly rolling out over the last few months. Last week we began enabling it for everyone by default. ...
- By
April 01, 2014 1:19 AM
The weird and wonderful world of DNS LOC records
A cornerstone of CloudFlare's infrastructure is our ability to serve DNS requests quickly and handle DNS attacks. To do both those things we wrote our own authoritative DNS server called RRDNS in Go. ...
- By
January 30, 2014 9:24 AM
CloudFlare DNS is simple, fast and flexible
Over the past few years, the CloudFlare blog has covered a great range of different topics, drilling down into the technology we use to both protect websites from attack, and optimise them so that they load faster for visitors....
- By