HOW[NOT]TO Write TCP-based
Network Applications

Artyom Gavrichenkov
Based on a True Story
• NOT AN AD!
• Qrator: distributed network
   ●  Custom TCP/IP at the bottom
   ●  Custom management protocol at the top
   ●  Interacting with plenty of Web servers and Web browsers
      on a daily basis
   ●  2 years of continuous debug^W Product Improvement™

Issue #1

• Message delivery is unreliable in TCP: there's no
  estimation on when (and if) the message will arrive
  at all
• Timeouts!
• Limit all resources, including time
• No action is itself an action
Timeouts

• Between recvfrom()
• Between requests
• Request timeout
• Lifetime of a session
• Lifetime of %OBJECTNAME%
• Long polling may be a bad idea
Ex. 1

• Slowloris (Apache): DoS
    ● (not distributed, just denial of service)
• Slow HTTP POST
    ● Apache, IIS, Lighttpd: DoS
    ● Nginx: DDoS with a botnet
Ex. 2

12 rpm AJAX page update
 ● Backup script switched the server off
Content-Length
–   Limit resources for all actions
–   Custom protocol should define limits on the
    input length
errno(3)
–   The connection may be closed for no good
    reason
–   Check errno after recvfrom(), sendto(), etc.
     ●   ENOMEM
     ●   ECONNRESET
     ●   EANYTHING
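
The timeout, input-length and errno slides above, combined into one bounded read loop. This is an added example, not code from the deck: `read_request`, `demo`, the status names and the `"\r\n\r\n"` framing are hypothetical, the payloads are constructed, and it uses `recv()` on a connected socket where the slides name `recvfrom()`.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

enum req_status { REQ_OK, REQ_IDLE_TIMEOUT, REQ_DEADLINE, REQ_TOO_LARGE,
                  REQ_PEER_CLOSED, REQ_RESET, REQ_ERROR };

static long now_ms(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/* Read one "\r\n\r\n"-terminated request head into buf (at most cap bytes).
 * idle_ms bounds the silence between two reads; total_ms bounds the whole
 * request, so a peer that drips one byte per idle period is still cut off. */
enum req_status read_request(int fd, char *buf, size_t cap, int idle_ms,
                             int total_ms, size_t *out_len) {
    size_t len = 0;
    long deadline = now_ms() + total_ms;
    for (;;) {
        long left = deadline - now_ms();
        if (left <= 0) return REQ_DEADLINE;
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int rc = poll(&p, 1, left < idle_ms ? (int)left : idle_ms);
        if (rc < 0 && errno == EINTR) continue;
        if (rc < 0) return REQ_ERROR;
        if (rc == 0)  /* nothing arrived: report which limit ran out */
            return left <= idle_ms ? REQ_DEADLINE : REQ_IDLE_TIMEOUT;
        ssize_t n = recv(fd, buf + len, cap - len, 0);
        if (n < 0) {  /* look at errno, not just the -1 */
            if (errno == EINTR || errno == EAGAIN) continue;
            return errno == ECONNRESET ? REQ_RESET : REQ_ERROR;
        }
        if (n == 0) return REQ_PEER_CLOSED;  /* EOF before a full request */
        size_t i = len > 3 ? len - 3 : 0;    /* terminator may straddle reads */
        len += (size_t)n;
        for (; i + 4 <= len; i++)
            if (memcmp(buf + i, "\r\n\r\n", 4) == 0) { *out_len = i + 4; return REQ_OK; }
        if (len == cap) return REQ_TOO_LARGE;  /* input length limit hit */
    }
}

/* Constructed demo: push `payload` through a local socketpair, optionally
 * close the sending end, and return how read_request() classifies it. */
enum req_status demo(const char *payload, int close_peer, size_t cap,
                     int idle_ms, int total_ms) {
    int sv[2];
    char buf[256];
    size_t got = 0;
    if (cap == 0 || cap > sizeof buf ||
        socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return REQ_ERROR;
    if (*payload) send(sv[1], payload, strlen(payload), 0);
    if (close_peer) close(sv[1]);
    enum req_status st = read_request(sv[0], buf, cap, idle_ms, total_ms, &got);
    close(sv[0]);
    if (!close_peer) close(sv[1]);
    return st;
}

int main(void) {
    printf("complete request: %d\n", demo("GET / HTTP/1.1\r\n\r\n", 0, 256, 50, 200));
    printf("stalled header:   %d\n", demo("GET / HTTP/1.1\r\nHost: a", 0, 256, 50, 500));
    return 0;
}
```

Every exit path returns a distinct status, so the caller can log and account for idle peers, slow peers, oversized input and resets separately.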
Ex. 3
●   Internet Explorer: ECONNRESET means
    successful connection termination
    –   Download status is being ignored
    –   Content-Length is being ignored
Memory limits
–   Resource limits:
     ● Maximum
        – ENOMEM
     ● Minimum
        – idle wait → ECONNRESET
Ex. 4
–   DNS TTL
    ● Too big: days of downtime (continuous)
    ● Too small: days of downtime (total)
Latency
–   3-Way Handshake takes time
–   Do implement persistent connections!
    ● Do it from the very beginning
They haven't listened to me!
● TCP
    –   T/TCP
● HTTP/1.0
    –   HTTP/1.1
Optimization
–   Measure!
–   Profile!
–   Emulate packet loss!
Optimization
–   Text-based protocols are convenient to debug
     ● And you will debug
        – Maybe even in production
–   Making use of binary protocols is often a
    premature optimization
     ● BSON, Google Protocol Buffers
Optimization
● TCP socket options:
    –   TCP_NODELAY: disables Nagle's algorithm
        ● Speedup with small portions of data
    –   TCP_CORK (Linux): multiple portions of data
        in a single TCP segment
    –   "socket corking"
Optimization
● TCP stack options:
    –   Linux: /proc/sys/net/**
         ● net.ipv4.tcp_fin_timeout
         ● net.ipv4.tcp_{,r,w}mem
         ● net.core.{r,w}mem_max
    –   Windows:
        HKLM\System\CurrentControlSet\Services\Tcpip\Parameters
IPv6

●   Accidental IPv6 deployment
• SO_REUSEADDR
• sendfile(2)
• select(2)/poll(2)/epoll(7)
• {n,h}to{n,h}{s,l}()
• int64_t vs long




This is it!
Artyom Gavrichenkov <ximaera@highloadlab.com>

Dumb Ways To Die: How Not To Write TCP-based Network Applications
