Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Tempesta FW is an open-source application delivery controller (ADC) built into Linux that provides fast web content acceleration and web application protection. It is built into the Linux TCP/IP stack for better and more stable performance relative to usual modern HTTP accelerators and load balancers. Not only that, but it provides the same user experience as normal Linux installations, meaning that it can be installed on almost any server and is easier to use than hardware appliances.
Tempesta FW is designed with following considerations which define its architecture:
Tempesta FW targets maximum performance in modern Linux/x86-64 environments. Thus, it frequently migrates to new Linux kernels and requires relatively modern hardware.
Modern hardware has plenty of RAM. This consideration eliminates requirement of slow disks access making Tempesta FW working with RAM only. The web cache is very fast, but doesn't suite to handle volumes of large content. If you need to cache data larger than your RAM, then use other web accelerators behind Tempesta FW: the whole installation benefits from small and fast cache at first layer.
Tempesta FW is fully Linux compatible. All the existing Linux software works with Tempesta FW. It significantly different from kernel bypass approaches (e.g. DPDK or Netmap): web accelerator built on top of the technologies don't allow you to use such handy tools with your network traffic as Netfilter, Tcpdump, Tc and so on. (Actually, in some cases you can use the tools, but copying through dummy network interfaces is required making the whole system slower).
Tempesta FW: Linux Application Delivery Controller, FOSDEM'17, February 2017. Video.
Tempesta FW, a handfull firewall against DDoS attacks, HackMag, 2015.