Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloudflare 技术博客阅读计划 #163

Open
lzh2nix opened this issue May 19, 2023 · 3 comments
Open

cloudflare 技术博客阅读计划 #163

lzh2nix opened this issue May 19, 2023 · 3 comments
Labels
2023 Linux性能分析与优化

Comments

@lzh2nix
Copy link
Owner

lzh2nix commented May 19, 2023
edited
Loading

每次遇到到问题 Google 一般都会到 https://blog.cloudflare.com/, 里面也是超多干货, 计划以每天一篇的速度完整的过一遍.

content
@lzh2nix
Copy link
Owner Author

lzh2nix commented May 25, 2023
edited
Loading

001 Measuring network quality to better understand the end-user experience(2023.5.25)

https://blog.cloudflare.com/aim-database-for-internet-quality/

网络压测需要考虑的几个点:

  • Bandwidth 上下行的吞吐
  • Packet loss 在极限情况下的网络丢包
  • Latency 延时(一般关注RTT)
  • Jitter 更多的是在rtc场景下有意义

评分
image

各个场景下的一个计算方式:
Streaming: download bandwidth + unloaded latency + packet loss + (loaded latency - unloaded latency difference)
Gaming: packet loss + unloaded latency + (loaded latency - unloaded latency difference)
RTC/video: packet loss + jitter + unloaded latency + (loaded latency - unloaded latency difference)

Back To Top

@lzh2nix
Copy link
Owner Author

lzh2nix commented May 25, 2023
edited
Loading

002 Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack(2023.05.26)

https://blog.cloudflare.com/cloudflare-mitigates-record-breaking-71-million-request-per-second-ddos-attack/

2月份cloudflare 遭受了一个71M rps 的DDoS 攻击

image

这里有个数字比较有意思, 这些请求来着 30,000 多个IP, 而且都是来自于云厂商.

Cloudflare 提供的一些防止DDoS的方法:

  1. 通过 DDoS managed Rules mitigrating 这些DDoS
  2. Enterprise 客户有高级的DDoS保护措施
  3. 配置firewall, ratelimit rule
  4. 避免源站直接暴露在公网上(cloudflare 提供的安全访问源站的方法)
  5. 尽可能的开启cache, 使用worker 来保护源站
  6. 开启DDS Alerting

为下一次DDoS做好准备

Back To Top

@lzh2nix
Copy link
Owner Author

lzh2nix commented May 28, 2023
edited
Loading

003 a-brief-anycast-primer(2023.05.28)

https://blog.cloudflare.com/a-brief-anycast-primer/

CloudFlare Anycast 网络的几个优点(相对unicast):

  • Speed 通过返回最近的server地址大大的降低了rtt时间 58ms--->9.5ms
  • Resiliency 一个集群down机之后自动迁移到下一个集群
  • Attack Mitigation 通过大量的集群把流量扛下来, 防止在unicast 场景下一个节点被打爆.

Back To Top

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2023 Linux性能分析与优化
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lzh2nix