How we made our DNS stack 3x faster
Cloudflare is now well into its 6th year and providing authoritative DNS has been a core part of infrastructure from the start. We’ve since grown to be the largest and one of the fastest managed DNS services on the Internet, hosting DNS for nearly 100,000 of the Alexa top 1M sites and over 6 million other web properties – or DNS zones.
CC-BY 2.0 image by Steve Jurvetson
Today Cloudflare’s DNS service answers around 1 million queries per second – not including attack traffic – via a global anycast network. Naturally as a growing startup, the technology we used to handle tens or hundreds of thousands of zones a few years ago became outdated over time, and couldn't keep up with the millions we have today. Last year we decided to replace two core elements of our DNS infrastructure: the part of our DNS server that answers authoritative queries and the data pipeline which takes changes made by our customers to DNS records and distributes them to our edge machines across the globe.
The rough architecture of the system can be seen above. We store customer DNS records and other origin server information in a central database, convert the Continue reading
NETCONF Agent(s) on Cisco IOS XE 16.x
Evgeny made an interesting observation while testing the NETCONF client on IOS XE 16.x (see also this comment on my blog):
The most interesting part: for unknown reason IOS-XE gives different answers about capabilities on ports 830 and 22.
Einar quickly explained the mysterious behavior:
Read more ...Network Notes: OSI Reference
Hell has nine layers .... so does the OSI model. I know, I know, you have been taught that the OSI model has seven layers. See the illustration below for the proof. continue reading
Security Threats Keep Network Teams Busy
Networking pros are spending more of their time troubleshooting security-related issues, survey finds.
Microsoft Acquires Container Software Company Deis
The Deis platform combines features and technologies from Google, Docker, and CoreOS.
NANOG 70 Hackathon
Sunday, June 4, 2017
Welcome to the NANOG 70 Hackathon brought to you by NANOG and hackathon host sponsor
Join us for the NANOG 70 Hackathon -- a one-day event Sunday, June 4, 2017, at the Hyatt Regency Bellevue.
The NANOG 70 Hackathon will bring network operators together in a room to develop new ideas and hacks for automating production internet networks. Tools and software beyond those provided by vendors and existing open-source projects are needed to keep those networks up and running. By gathering together at NANOG 70 to collaboratively hack on code or hardware, develop ideas, and documentation we can open the possibilities of peering automation. And we will have fun while doing it!
Registration for the Hackathon is open on a space-available basis to all interested attendees of NANOG 70. All skill levels are welcome and participants are expected to actively participate in the hacks. Hackathon participants will be automatically added to an email list after registration is complete in order to receive information and updates. At the end of the hack participating teams will be given the opportunity to briefly present their ideas and determine the top 3 teams. Lightning talks may be Continue reading