The document discusses TCP performance for mobile applications. It describes the networking stack with layers for the application, session, transport, network, and data link. It then provides examples of packet captures for a TCP connection between localhost ports, showing the handshake, data transfer, and connection termination.
.NET has accustomed us to writing code quickly and without thinking about what is going on underneath. Unfortunately, convenience comes with additional cost. It is very easy to lose the performance of our component through simple statement or code block which behaves differently than we thought. I will focus on the everyday performance traps, which can spoil your hard effort.
Everything you wanted to know about Stack Traces and Heap DumpsAndrei Pangin
Stack traces and heap dumps are not just debugging tools; they open a doorway to the very heart of the Java Virtual Machine. This session is focused on peculiarities of JDK somehow related to heap walking and thread stacks.
• How to create dump in production without side effects?
• What is the performance impact of stack traces?
• How do jmap and jstack work under the hood, and what is special about 'forced' mode?
• Why do all profilers lie, and how to deal with it?
• How to scan heap using JVMTI?
The presentation supported by the live demos will address all these questions. It will also introduce new Java 9 Stack-Walking API (JEP 259) and reveal some useful but little known features of HotSpot JVM.
There is hardly a Senior Java developer who has never heard of sun.misc.Unsafe. Though it has always been a private API intended for JDK internal use only, the popularity of Unsafe has grown too fast, and now it is used in many open-source projects. OK.RU is not an exception: its software also heavily relies on Unsafe APIs.
During this session we'll try to understand what is so attractive about Unsafe. Why do people keep using it regardless the warnings of removal from future JDK releases? Are there any safe alternatives to private API or is it absolutely vital? We will review the typical cases when Java developers prefer to go unsafe and discuss major benefits and the drawbacks of it. The report will be supported by the real examples from OK.RU experience.
.NET has accustomed us to writing code quickly and without thinking about what is going on underneath. Unfortunately, convenience comes with additional cost. It is very easy to lose the performance of our component through simple statement or code block which behaves differently than we thought. I will focus on the everyday performance traps, which can spoil your hard effort.
Everything you wanted to know about Stack Traces and Heap DumpsAndrei Pangin
Stack traces and heap dumps are not just debugging tools; they open a doorway to the very heart of the Java Virtual Machine. This session is focused on peculiarities of JDK somehow related to heap walking and thread stacks.
• How to create dump in production without side effects?
• What is the performance impact of stack traces?
• How do jmap and jstack work under the hood, and what is special about 'forced' mode?
• Why do all profilers lie, and how to deal with it?
• How to scan heap using JVMTI?
The presentation supported by the live demos will address all these questions. It will also introduce new Java 9 Stack-Walking API (JEP 259) and reveal some useful but little known features of HotSpot JVM.
There is hardly a Senior Java developer who has never heard of sun.misc.Unsafe. Though it has always been a private API intended for JDK internal use only, the popularity of Unsafe has grown too fast, and now it is used in many open-source projects. OK.RU is not an exception: its software also heavily relies on Unsafe APIs.
During this session we'll try to understand what is so attractive about Unsafe. Why do people keep using it regardless the warnings of removal from future JDK releases? Are there any safe alternatives to private API or is it absolutely vital? We will review the typical cases when Java developers prefer to go unsafe and discuss major benefits and the drawbacks of it. The report will be supported by the real examples from OK.RU experience.
Java и Linux — особенности эксплуатации / Алексей Рагозин (Дойче Банк)Ontico
HighLoad++ 2017
Зал «Рио-де-Жанейро», 8 ноября, 11:00
Тезисы:
http://www.highload.ru/2017/abstracts/2884.html
Java на Linux встречается повсеместно в информационных системах от больших данных до новомодных serverless архитектур. Как Linux, так и Java имеют свои эксплуатационные нюансы. Понимание этих нюансов важно, чтобы заставить стек Java + Linux работать стабильно и эффективно.
Но на практике "джависты" очень любят мыслить кроссплатформенно и не хотят разбираться с особенностями операционной системы, a "линускоиды" считают JVM чуждым миру Linux процессом, пожирающим всю доступную на сервере память.
А потом появляется Docker, и нюансов становится ещё больше...
Цель доклада - рассказать "джавистам" про Linux и Docker, а "линуксоидам" про JVM.
Geth is widely used to interact with Ethereum networks. Ethereum software enables a user to set up a
“private” or “testnet” Ethereum chain. This chain will be totally different from main chain.
Component that tell geth that we want to use/create a private Ethereum Chain:
1. Custom Genesis file
2. Custom Data Directory
3. Custom Network Id
4. Disable Node Discovery
Down to Stack Traces, up from Heap DumpsAndrei Pangin
Глубже стек-трейсов, шире хип-дампов
Stack trace и heap dump - не просто инструменты отладки; это потайные дверцы к самым недрам виртуальной Java машины. Доклад будет посвящён малоизвестным особенностям JDK, так или иначе связанным с обоходом хипа и стеками потоков.
Мы разберём:
- как снимать дампы в продакшне без побочных эффектов;
- как работают утилиты jmap и jstack изнутри, и в чём хитрость forced режима;
- почему все профилировщики врут, и как с этим бороться;
- познакомимся с новым Stack-Walking API в Java 9;
- научимся сканировать Heap средствами JVMTI;
- узнаем о недокументированных функциях Хотспота и других интересных штуках.
Data Wars: The Bloody Enterprise strikes backVictor_Cr
I would like to describe such cases when we create problems for "future us" just by an accident. I will show how different Java data types can ease or increase the pain in supporting the application later. Most common pitfals and tricky corner cases you probably have never thought about.
Sourcefire Vulnerability Research Team Labslosalamos
Today's client side attack threats represent a boon for the attacker in ways to obfuscate, evade, and hide their attacks methods. Adobe PDF, Flash, Microsoft Office documents, and Javascript require a very deep understanding of the file format, how its interpreted in the Browser, and understanding of the byte code paths that some of these formats can generate. To effectively handle some of these types of attacks it requires processing of these files multiple times to deal with compression, obfuscation, program execution, etc. This requires a new type of system to handle this type of inspection. The NRT system allows for this deep file format understanding and inspection.
ok.ru is one of top 10 internet sites of the World, according to similarweb.com. Under the hood, it has several thousand servers. Each of those servers own only fraction of the data or business logic. Shared nothing architecture can be hardly applied to social network, due to its nature, so a lot of communication happens between these servers, diverse in kind and volume. This makes ok.ru one of the largest, complicated, yet highly loaded distributed systems in the world.
This talk is about our experience in building always available, resilient to failures distributed systems in Java, their basic and not so basic failure and recovery scenarios, methods of failure testing and diagnostics. We’ll also discuss on possible disasters and how to prevent or get over them.
• Developed standard library cells using IBM 130nm technology in Cadence Virtuoso Layout editor for inverter, nand2, nor2, xnor2, mux2:1, oai2221, aoi22, oai121 and a master-slave negative edge triggered D-flip-flop with minimum area and diffusion breaks. Constructed the schematic, performed DRC-LVS closure of layout and generated a SPICE netlist with Calibre PEX extraction of all the standard cells.
• Simulated the netlists by HSPICE, verified the correctness of its functionality and also made timing analysis of D-flip-flop setup and hold times. Generated a new Synopsys cell library using SiliconSmart ACE and a new Cadence cell library from all the standard cells.
This talk gives a short introduction into buffer overflows, how to exploit them and which counter measures are used in openSUSE Linux to make exploitation harder.
We'll cover stack canaries, fortify source, address space layout randomization and NX. We'll see how they work and how they can be circumvented in a live demo of a working exploit that manages to circumvent these security measures.
This a collection of micro optimizations done for a course at vienna university of technology.
The code is available at: https://github.com/grill/micro-optimisations
Java и Linux — особенности эксплуатации / Алексей Рагозин (Дойче Банк)Ontico
HighLoad++ 2017
Зал «Рио-де-Жанейро», 8 ноября, 11:00
Тезисы:
http://www.highload.ru/2017/abstracts/2884.html
Java на Linux встречается повсеместно в информационных системах от больших данных до новомодных serverless архитектур. Как Linux, так и Java имеют свои эксплуатационные нюансы. Понимание этих нюансов важно, чтобы заставить стек Java + Linux работать стабильно и эффективно.
Но на практике "джависты" очень любят мыслить кроссплатформенно и не хотят разбираться с особенностями операционной системы, a "линускоиды" считают JVM чуждым миру Linux процессом, пожирающим всю доступную на сервере память.
А потом появляется Docker, и нюансов становится ещё больше...
Цель доклада - рассказать "джавистам" про Linux и Docker, а "линуксоидам" про JVM.
Geth is widely used to interact with Ethereum networks. Ethereum software enables a user to set up a
“private” or “testnet” Ethereum chain. This chain will be totally different from main chain.
Component that tell geth that we want to use/create a private Ethereum Chain:
1. Custom Genesis file
2. Custom Data Directory
3. Custom Network Id
4. Disable Node Discovery
Down to Stack Traces, up from Heap DumpsAndrei Pangin
Глубже стек-трейсов, шире хип-дампов
Stack trace и heap dump - не просто инструменты отладки; это потайные дверцы к самым недрам виртуальной Java машины. Доклад будет посвящён малоизвестным особенностям JDK, так или иначе связанным с обоходом хипа и стеками потоков.
Мы разберём:
- как снимать дампы в продакшне без побочных эффектов;
- как работают утилиты jmap и jstack изнутри, и в чём хитрость forced режима;
- почему все профилировщики врут, и как с этим бороться;
- познакомимся с новым Stack-Walking API в Java 9;
- научимся сканировать Heap средствами JVMTI;
- узнаем о недокументированных функциях Хотспота и других интересных штуках.
Data Wars: The Bloody Enterprise strikes backVictor_Cr
I would like to describe such cases when we create problems for "future us" just by an accident. I will show how different Java data types can ease or increase the pain in supporting the application later. Most common pitfals and tricky corner cases you probably have never thought about.
Sourcefire Vulnerability Research Team Labslosalamos
Today's client side attack threats represent a boon for the attacker in ways to obfuscate, evade, and hide their attacks methods. Adobe PDF, Flash, Microsoft Office documents, and Javascript require a very deep understanding of the file format, how its interpreted in the Browser, and understanding of the byte code paths that some of these formats can generate. To effectively handle some of these types of attacks it requires processing of these files multiple times to deal with compression, obfuscation, program execution, etc. This requires a new type of system to handle this type of inspection. The NRT system allows for this deep file format understanding and inspection.
ok.ru is one of top 10 internet sites of the World, according to similarweb.com. Under the hood, it has several thousand servers. Each of those servers own only fraction of the data or business logic. Shared nothing architecture can be hardly applied to social network, due to its nature, so a lot of communication happens between these servers, diverse in kind and volume. This makes ok.ru one of the largest, complicated, yet highly loaded distributed systems in the world.
This talk is about our experience in building always available, resilient to failures distributed systems in Java, their basic and not so basic failure and recovery scenarios, methods of failure testing and diagnostics. We’ll also discuss on possible disasters and how to prevent or get over them.
• Developed standard library cells using IBM 130nm technology in Cadence Virtuoso Layout editor for inverter, nand2, nor2, xnor2, mux2:1, oai2221, aoi22, oai121 and a master-slave negative edge triggered D-flip-flop with minimum area and diffusion breaks. Constructed the schematic, performed DRC-LVS closure of layout and generated a SPICE netlist with Calibre PEX extraction of all the standard cells.
• Simulated the netlists by HSPICE, verified the correctness of its functionality and also made timing analysis of D-flip-flop setup and hold times. Generated a new Synopsys cell library using SiliconSmart ACE and a new Cadence cell library from all the standard cells.
This talk gives a short introduction into buffer overflows, how to exploit them and which counter measures are used in openSUSE Linux to make exploitation harder.
We'll cover stack canaries, fortify source, address space layout randomization and NX. We'll see how they work and how they can be circumvented in a live demo of a working exploit that manages to circumvent these security measures.
This a collection of micro optimizations done for a course at vienna university of technology.
The code is available at: https://github.com/grill/micro-optimisations
In today's post I share my Top 10 Best Mobile. Presentations. Mobile Database Spatial databases provide structures for storage and analysis of spatial data; Spatial ... quickest route to victim
How deep is your buffer – Demystifying buffers and application performanceCumulus Networks
Packet buffer memory is among the oldest topics in networking, and yet it never seems to fade in popularity. Starting from the days of buffers sized by the bandwidth delay product to what is now called "buffer bloat", from the days of 10Mbps to 100Gbps, the discussion around how deep should the buffers be never ceases to evoke opinionated responses.
In this webinar we will be joined by JR Rivers, co-founder and CTO of Cumulus Networks, a man who has designed many ultra-successful switching chips, switch products, and compute platforms, to discuss the innards of buffering. This webinar will cover data path theory, tools to evaluate network data path behavior, and the configuration variations that affect application visible outcomes.
Troubleshooting tips and tricks for Oracle Database Oct 2020Sandesh Rao
This talk presents 15 different tips and tricks using tools to better troubleshoot and debug problems with Database , Oracle RAC and Oracle Clusterware , ASM and how to get the right pieces of data with the least of commands which today most people do manually. This session will cover tools from the Oracle Autonomous Health Framework (AHF) like Trace file Analyzer (TFA) to collect , organize and analyze log data , Exachk and orachk to perform mass best practices analysis and automation , Cluster Health Advisor to debug node evictions and calibrate the framework , OSWatcher and its analysis engine , oratop for pinpointing performance issues and many others to make one feel like a rockstar DBA.
Maximizing SQL Reviews and Tuning with pt-query-digestPythian
PalominoDB's Mark Filipi feels that pt-query-digest is one of the more valuable components of the Percona Toolkit available as OSS to DBAs. In this talk, Mark will teach with an eye towards real world test cases, output reviews and anecdotal production experience.
Similar to Владимир Кириллов-TCP-Performance for-Mobile-Applications (20)
4. Application HTTP
Session TLS
Transport TCP
Network IP
WiFi Edge
Data Link
3G LTE
5. Application HTTP NSURLConnection
Session TLS OpenSSL
Transport TCP SOCK_STREAM
Network IP kernel
WiFi Edge
Data Link hardware
3G LTE
Level Protocol API / Implementation
6. HTTP NSURLConnection ptrace
TLS OpenSSL socket
dtrace
API
TCP SOCK_STREAM
IP kernel bpf(4)
WiFi Edge
hardware
3G LTE
Protocol API / Implementation Introspection
20. client server
SO_RCVBUF SEG receiver window SEG SO_SNDBUF
SO_SNDBUF sender window
SEG SEG SO_RCVBUF
21. client server
SO_RCVBUF SEG receiver window
SEG SEG SEG SEG SEG SO_SNDBUF
SO_SNDBUF SEG receiver windowSEG
sender window
SEG SEG
SEG SEG SEG SEG SO_RCVBUF
24. % openssl s_client -
showcerts -connect
google.com:443
CONNECTED(00000003)
depth=1 /C=US/O=Google Inc/CN=Google Internet Authority
verify error:num=20:unable to get local issuer certificate
TLS
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/
CN=*.google.com
i:/C=US/O=Google Inc/CN=Google Internet Authority
...
1 s:/C=US/O=Google Inc/CN=Google Internet Authority
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
...
SSL handshake has read 2388 bytes and written 316 bytes
25. % openssl s_client -showcerts -
connect ciklum.com:443
CONNECTED(00000003)
ciklum.net
depth=0 /C=UA/OU=Domain Control Validated/CN=*.
verify error:num=20:unable to get local issuer certificate
verify return:1 lol :)
depth=0 /C=UA/OU=Domain Control Validated/CN=*.ciklum.net
verify error:num=27:certificate not trusted
verify return:1
TLS depth=0 /C=UA/OU=Domain Control Validated/CN=*.ciklum.net
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/C=UA/OU=Domain Control Validated/CN=*.ciklum.net
i:/O=AlphaSSL/CN=AlphaSSL CA - G2
...
Server certificate
subject=/C=UA/OU=Domain Control Validated/CN=*.ciklum.net
issuer=/O=AlphaSSL/CN=AlphaSSL CA - G2
SSL handshake has read 1854 bytes and written 328 bytes
26. HTTP 1 RTT
TLS 3 RTTs
TCP 1 RTT
IP
It takes 4 RTTs to serve a HTTPS request
27. HTTP 1 RTT
TLS 3 RTTs
TCP 1 RTT
IP
It takes 4 RTTs to serve a HTTPS request
29. client server
SO_RCVBUF SEG receiver window
SEG SEG SEG SEG SEG SO_SNDBUF
A A A A
SO_SNDBUF C receiver window
sender window
C SEG SEG
C C SO_RCVBUF
K K K K
30. AirPort router router
client Express server
SO_RCVBUF SEG receiver window
SEG SEG SEG SEG SEG SO_SNDBUF
A A A A
SO_SNDBUF C receiver window
sender window
C SEG SEG
C C SO_RCVBUF
K K K K
router
31. AirPort router router
client Express server
SO_RCVBUF SEG receiver window
SEG SEG SEG SEG SEG SO_SNDBUF
A A A A
SO_SNDBUF C receiver window
sender window
C SEG SEG
C C SO_RCVBUF
K K K K
router
retransmit on timeout
33. client server
SEG SEG SEG receiver
SEG
SO_RCVBUF
SEG SEG SEG SEG
SEG windowSEG
SEG SO_SNDBUF
SO_SNDBUF sender window SO_RCVBUF
34. AirPort router router
client Express server
SO_RCVBUF SEG receiver window
SEG SEG SEG SEG SEG SO_SNDBUF
A A A
SO_SNDBUF C receiver window
sender window
C C SO_RCVBUF
K K K
overloaded
router
^^^ What congestion control is actually designed for
35. AirPort router router
client Express server
S S S S
SO_RCVBUF E E E E SEG receiver window
SEG SEG SEG SEG SEG SO_SNDBUF
G G G G
A A A A
SO_SNDBUF C sender window
receiverSEG
C window C
SEG C SO_RCVBUF
K K K K
router
^^^ What actually happens on mobile devices
40. client server
SEG SEG
SEG
SEG SEG
SO_RCVBUF
SO_RCVBUF SEG SEG SEG SEG
SEG receiver window SO_SNDBUF
SO_SNDBUF sender window SO_RCVBUF
41. More • Additive Increase
Congestion • Multiplicative Decrease
Control • Slow Start
42.
43. • setsockopt(2)
• adjust window size
• socket buffer sizes
• TCP_NODELAY
iOS / Unix • etc
•getsockopt(2)
• monitoring
• low-latency responding to socket events
• do not let the buffer stay full
44. • Responsive UI
• Bad example: Instagram
Speedup • Bad example:VK
• best UI
• worst reliability
45. • TCP Fast Open
• Linux 3.6
• HAProxy
• TCP/NC
Speedup • TCP and math (maths)
• http://dspace.mit.edu/openaccess-
disseminate/1721.1/58796
• TCP Westwood+