Raking the floods: my intern project using eBPF
Cloudflare has developed a new open-source framework to help UDP services protect themselves from attacks. The framework incorporates Cloudflare's experience in running UDP-based services like Spectrum and the 1.1.1.1 resolver. It identifies floods and limits them while leaving legitimate traffic untouched, using probabilistic algorithms such as a CountMin sketch or the SpaceSaving algorithm to find heavy hitters with constant memory requirements. The framework also uses hierarchical heavy hitters to organize packets based on their attributes and applies rate limiting to prevent any heavy hitters from passing through. It is implemented as a Go library, rakelimit, which can be enabled on any UDP socket and is easy to configure.
Company: Cloudflare
Date published: Sept. 18, 2020
Author(s): Jonas Otten
Word count: 1757
Language: English
Hacker News points: 5