
Summary:

Web performance and security startup CloudFlare isn’t as big as Google or Facebook, but it does handle a lot of traffic. And now, like its larger peers, the company is designing its own gear to solve its own unique brand of problems.

It’s not just the big boys like Google, Facebook and Netflix that are building their own gear these days. CloudFlare, the popular web-performance and security startup, is also getting into the act with its own custom-built server and, possibly, switches.

CloudFlare Founder and CEO Matthew Prince detailed the problems the company is trying to solve in a blog post earlier this week. In a nutshell, although its network edge, which spans 23 data centers, is (usually) capable of handling most traditional DDoS attacks, there are a couple of types of attacks that target different bottlenecks at the local area network level. In these cases, the 1 Gbps network ports on CloudFlare’s servers can get overwhelmed, as can the processors themselves.

Of course, when you’re running a multitenant cloud-based service like CloudFlare is, these types of events take on a different urgency:

“Both these problems are annoying if it affects the customer under attack, but it is unacceptable if it spills over and affects customers who are not under attack. To ensure that would never happen, we needed to find a way to both increase network capacity and ensure that customer attacks were isolated from one another.”

So, over the course of 2012, CloudFlare spent its time working on what it calls “Project Bondage.” Essentially, that meant configuring the individual ports to look and act like a single port capable of handling much more bandwidth, and then reworking the CloudFlare operating system to prevent external CPU-level attacks from affecting internal workloads.

But the company didn’t stop there. Prince wrote in the blog that CloudFlare’s next-generation servers feature 10 Gbps ports to significantly increase network bandwidth even without port bonding. In an email, he confirmed that rather than use off-the-shelf servers as it has been doing, CloudFlare’s “G4” servers were designed in tandem with and built by Quanta, the same company that builds Facebook’s servers as well as servers for other large web companies.

CloudFlare still uses off-the-shelf Juniper switches but, Prince added, “[W]e’re tinkering.”

Feature image courtesy of Shutterstock user teflon_timmy.

  1. Cloudflare is a SaaS (IaaS) company so you might assume all their efforts go into the software components, but this demonstrates that significant competitive advantages can be built up through other areas too. In this case it’s custom built routers (involving both hardware and software) but other companies could do similar things in how hardware is deployed, OS tweaks, own design components or tools, etc.

    It’s a lot harder to copy these things so all goes towards making a company more competitive (and valuable).

  2. Cloudflare is actually a haven for DDoSers and pirates. http://web.archive.org/web/20130430030403/http://cloudflare-watch.org/

    I discovered this after they failed to act on my complaints against a website promoting illegal DDoS attacks and defacing of websites.
