/plushcap/analysis/cloudflare/tubular-fixing-the-socket-api-with-ebpf

Production ready eBPF, or how we fixed the BSD socket API

What's this blog post about?

Cloudflare has open-sourced a production tooling called "tubular" that they developed for the sk_lookup hook, which is contributed to the Linux kernel. The software consists of an eBPF program and a larger user space component. Tubular allows users to change the addresses of a service on the fly and has been used in Cloudflare's Spectrum product and authoritative DNS services. It enables handling multiple services using the same port on different addresses, listening on all 2^16 ports, and managing state with eBPF maps. The source code for tubular is available at https://github.com/cloudflare/tubular.

Company
Cloudflare

Date published
Feb. 17, 2022

Author(s)
Lorenz Bauer

Word count
2974

Language
English

Hacker News points
26


By Matt Makai. 2021-2024.