This article details the engineering work AWS undertook to improve Lambda's network performance, focusing on optimizations to the network stack that reduce latency and increase throughput for serverless functions, making the infrastructure faster and more efficient.
#networking
30 items
Proton VPN has expanded its service to 145 countries while addressing latency challenges across its global infrastructure. The expansion maintains the company's zero-knowledge encryption principles across its diverse geographical footprint.
The article discusses concerns about the IPv8 draft proposal, highlighting potential issues and implications for internet infrastructure. It examines technical aspects and the broader impact of the proposed changes to internet protocols.
Uncompressed is a media stack that uses VPN namespace isolation and operates without public ports. The system provides network isolation through namespace separation for enhanced security.
After 18 years of deployment, IPv6 has reached majority adoption globally, with over 50% of Internet traffic now using the newer protocol. This milestone marks a significant shift from the original IPv4 system that has been in use since the early days of the Internet.
A developer successfully migrated a live server by freezing a TCP connection for 10 minutes without disrupting service. The technique involved maintaining an established connection while moving the underlying infrastructure.
Hyper-DERP is a new relay server implementation that achieves the same throughput as Tailscale's derper while using half the CPU cores. The open-source project offers improved resource efficiency for network relay operations.
This chapter introduces networking concepts in Bevy game development, covering how to implement multiplayer functionality and network communication in Rust games using the Bevy engine's networking capabilities.
This document describes the Meow Routing and Remote Protocol (MRRP), a proposed protocol for routing and remote operations. It outlines the protocol's architecture, message formats, and operational procedures for network communication.
The article describes challenges in mainlining Linux PTP features, including a multi-year effort to merge hardware timestamping support. It also covers recent developments like the PTP virtual clock driver and improvements to the PTP hardware clock infrastructure.
The article discusses how the author's attitude toward IPv6 changed from skepticism to appreciation after experiencing unreliable IPv4 connectivity. It explains how using both IPv4 and IPv6 protocols can provide more reliable internet connectivity when one protocol experiences issues.
This project presents a cache-friendly IPv6 longest prefix match implementation using AVX-512 instructions, based on a linearized B+-tree data structure. It includes real BGP routing table benchmarks to demonstrate performance improvements for high-speed packet processing.
The article details the technical process of building a public anycast network, covering routing protocols, infrastructure setup, and operational considerations for deploying a globally distributed network service.
The article details the implementation of MikroTik's binary API protocol in Python, covering the protocol's structure, encoding methods, and practical usage examples. It explains how to establish connections, send commands, and parse responses using custom Python code.
The article details building a home router using OPNsense firewall software on a Protectli Vault FW4B device. It covers hardware selection, installation steps, and initial configuration for network segmentation and security features.
The article discusses the growing adoption of IPv6 overlay networks as a solution to IPv4 address exhaustion. It highlights how these networks enable IPv6 connectivity while maintaining compatibility with existing IPv4 infrastructure. The trend represents a significant shift in internet architecture to address long-term scalability needs.
The homelab systems did not experience downtime as previously thought. All services remained operational despite earlier concerns about DNS issues.
The article explores how eBPF could implement per-port IP address restrictions by extending systemd's current LPM map approach. It proposes embedding port numbers in LPM map keys alongside IP addresses, allowing scalable filtering of network packets based on both destination port and source IP. The approach maintains simple eBPF program generation while enabling more granular access controls.
The article provides technical notes on nftables symbolic variables, explaining how they can define simple values and anonymous sets for firewall rules. It compares them to BSD PF features and discusses limitations like requiring full ruleset reloads for updates.
The author encountered streaming issues over a VPN due to packet size limitations. They discovered Fastly's CDN was ignoring ICMP packets that indicated packets were too large for the VPN's MTU. After reporting the issue, Fastly's engineering team fixed the problem.
The author describes a method for hosting internet-connected servers from home using a VPS with multiple IP addresses. They use WireGuard to create a VPN tunnel between the local machine and VPS, then configure iptables and policy routing to forward external traffic to the local system while maintaining proper return routing.
The author attempted to set up AWS Site-to-Site VPN and AWS Client VPN connections between their Ubiquiti lab network and AWS account but struggled for days trying to get their USG device to connect to the VPN server.
The article explains how TCP's initial congestion window of 10 packets results in approximately 13 kB of data being transferred in the first round trip. This occurs because TCP uses slow start to avoid network congestion, gradually increasing transmission speed. The author suggests web developers should ensure critical content fits within this initial 13 kB for optimal page loading.
The author explains that IPv4 addresses have been exhausted since 2011, leading to multiple users sharing addresses and causing problems like IP blocking. IPv6 with 128-bit addresses was standardized in 1995 but adoption remains low. To encourage IPv6 adoption, the author will disable IPv4 access to their site on the 6th of each month.
The article describes how IPv6 can be used with Cloudflare to run multiple services on a single server without needing a reverse proxy. This approach leverages IPv6's abundant address space to assign unique addresses to different services.
The post shares several links including articles about declining doctoral degree enrollments, negative correlations between AI tool usage and critical thinking, and issues with AI-generated code quality. It also includes a link about residential networking over telephone systems.
A tech enthusiast describes how to create a dial-up internet service provider using a Raspberry Pi, inspired by acquiring an original Tangerine iBook G3 clamshell with built-in Wi-Fi capabilities. The article explains the technical process of setting up dial-up connectivity through modern hardware.
mDNS Primer
The article provides a technical primer on mDNS (Multicast DNS), explaining how it enables local network name resolution without a traditional DNS server. It covers the protocol's operation, packet structure, and practical implementation details for developers.
The article explains how id Software's Quake game obtained its TCP/IP networking stack through a collaboration with John Carmack and a programmer named John D. Carmack. The implementation was based on BSD networking code and adapted for the game's multiplayer functionality.
The article provides guidance on effectively interpreting error messages, especially those from operating systems and networks. It is adapted from a talk the author gave to colleagues.