Datong's Random Thoughts

Datong's Random Thoughts

Writing Highly Efficient UDP Server in Rust

During my time of writing the Phantun UDP to TCP obfuscator, I spent quite some time on optimizing the performance of Phantun on multi-core systems. In the end, the single stream forwarding performance increased by 200% and multi-stream forwarding performance increased by 17% compared to the not-quite optimized version. After

OSPF over WireGuard

There are an abundence of information online about how to get OSPF running correctly over WireGuard, however I was not able to find any single post that summarizes everything well. After a bunch of trial and error, I was finally able to get OSPF and OSPFv3 runing over WireGuard tunel

RouterOS 国内外分流环境下的网络高可用性设计

本文是继《使用 RouterOS，OSPF 和树莓派为国内外 IP 智能分流》后的第二篇文章。第一篇着重讲的是路由协议的配置，而这一篇着重讲这种配置情况下的失效模式 (failure mode) 和应对策略。

使用 RouterOS，OSPF 和树莓派为国内外 IP 智能分流

这篇问题记录了我在 RouterOS 上通过 OSPF 协议把国外的流量动态拉取到旁路由上的配置过程。文章里面包含了 IPv4 和 IPv6 的配置。

Data sharing in OpenResty

Throughout the course of writing Lua code that runs inside OpenResty, you will inevitably encounter situations that requires data sharing between Lua codes, NGINX workers. You may also encounter necessities to share data between Lua and C codes. In this post I would like to summarize and compare common ways

Building a Low Cost Home NAS System on Linux

Background As a MacBook Pro user, I, like many others, suffered from the lack of internal storage in general. In particular, the rMBP that I uses daily has a merely 256 GB of SSD space, which is running short very quickly. Ever since I started recording videos while flying, things

RouterOS Meets Comcast IPv6

Preface I have recently moved from Iowa to California. When in school, I used to use the university provided Ethernet connection that easily runs to 1 Gbps Up/Dn. Moving to California means that's all in the past and it's time to start paying Internet connections myself :( Some quick research

Making Certificates More Visible With Certificate Transparency

Certificate Transparency has been a popular term recently. Despite Google's hard effort on pushing every CA to adopt Certificate Transparency, the implications and technical details behind those two words are sometimes unclear. Hence, I am presenting this series of posts detailing the problem it is attempting to solve, how it

Getting Let's Encrypt Certificate for a Google App Engine Hosted Website

Let's Encrypt is a completely free Certificate Authority (CA) who distributed free and trusted TLS server certificates for website owners around the world to use. The process of using their certificate on a Google App Engine (GAE) hosted site, however, was a little tricky and thus I will record the

HSTS Preloading: What it is and why do you need it

The Background When Internet was first designed, security was not the the primary focus. With dedicated connections between nodes, limited access and CPU power, encryption did not seemed so necessary at the beginning. However, as the scale of Internet continues to grow, and the growing popularity of over-the-air connection media

The Implementation of epoll (4)

In this last part of The Implementation of epoll series, I will be explaining how epoll transfers events from kernel space to user space and how different triggering modes were implemented. This fifth article is written way much later than the forth one, and I do apologize for the delay.

The Implementation of epoll (3)

In the last two posts, I talked about how epoll works as a whole and how epoll receives new event notification from the monitored file descriptors. In this post, I will be talking about how epoll stores those event notifications and how does the user application retrieves them later. The

The Implementation of epoll (2)

The ep_insert() Function ep_insert() is one of the most important functions within the epoll implementation. Understanding what it does is crucial of understanding how epoll receives new events from the monitored files. The definition of ep_insert() is at fs/eventpoll.c, line 1267. Here are some snippets

The Implementation of epoll (1)

In this series of blog posts, I will be taking notes about the internals and implementation details of the Linux event poll (epoll) subsystem. Prerequisites Please note that I am assuming the audiences of those articles are familiar with epoll APIs and usages. I will be focusing on the actual

New Blog, in English

Finally, I decided to switch my blog from Jekyll to Ghost. Also, I will be writing my new blog posts in English. This site is running on DigitalOcean, with nginx running on a CentOS 7.0 box. My primary focus will be shareing my programming thoughts, as well as projects