Zevenet is proud to be Gold Sponsor of the Netfilter Workshop 2019, the main event organized for and by the Netfilter community. During the workshop days, Linux kernel networking and Netfilter developers meet and discuss the status of the on-going Netfilter-related developments and the plans for the near future.
Zevenet Team had the opportunity to present 2 talks during the Netfilter Workshop 2019: Load Balancing and Clustering challenges with nftables and L7 Proxy offload to nftables. In those, the Zevenet Team explained the new advances in regards to the new stateless DNAT topology, L7 helpers support, logging support per virtual service, flow mark masking per virtual service or backend, custom source address per virtual service or per backend, support of client-backend persistence, configurable logging messages, security policies with blacklists and whitelists per virtual service from ingress, queuing to user space for filtering, bogus TCP detection, several connection limits per virtual service or backends with support of local services as well, clustering support with floating IPs and replication of session maps with JSON. In regards to the L7 proxy offload, we presented the new proxy that we’ve working on the last year with benchmarks and use cases to offload to layer 4 for certain non-termination SSL cases.