
High Performance Browser Networking: What every web developer should know about networking and web performance
Quotes
alexey_m_ukolov, 12 February 2016
Michal Zalewski’s The Tangled Web: A Guide to Securing Modern Web Applications
alexey_m_ukolov, 12 February 2016
Jakob Nielsen’s Usability Engineering and Steven Seow’s Designing and Engineering Time are both excellent resources that every developer and designer should read! Time is measured objectively but perceived subjectively, and experiences can be engineered to improve perceived performance.
alexey_m_ukolov, 12 February 2016
The application can subscribe to navigator.onLine notifications to monitor connection status. For a good introduction, also see Paul Kinlan’s article on HTML5Rocks: Working Off the Grid with HTML5 Offline.
alexey_m_ukolov, 12 February 2016
However, in practice, you should disable TLS compression on your server for several reasons: The “CRIME” attack, published in 2012, leverages TLS compression to recover secret authentication cookies and allows the attacker to perform session hijacking. Transport-level TLS compression is not content aware and will end up attempting to recompress already compressed data (images, video, etc.). Double compression will waste CPU time on both the server and the client, and the security breach implications are quite serious: disable TLS compression.
alexey_m_ukolov, 12 February 2016
To determine the optimal TLS record size for your deployment: Allocate 20 bytes for IPv4 framing overhead and 40 bytes for IPv6. Allocate 20 bytes for TCP framing overhead. Allocate 40 bytes for TCP options overhead (timestamps, SACKs). Assuming a common 1,500-byte starting MTU, this leaves 1,420 bytes for a TLS record delivered over IPv4, and 1,400 bytes for IPv6. To be future-proof, use the IPv6 size: 1,400 bytes, or less if your MTU is lower.
alexey_m_ukolov, 12 February 2016
In January this year (2010), Gmail switched to using HTTPS for everything by default. Previously it had been introduced as an option, but now all of our users use HTTPS to secure their email between their browsers and Google, all the time. In order to do this we had to deploy no additional machines and no special hardware. On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10 KB of memory per connection and less than 2% of network overhead. Many people believe that SSL/TLS takes a lot of CPU time and we hope the preceding numbers (public for the first time) will help to dispel that.
alexey_m_ukolov, 12 February 2016
Performance Checklist
Optimizing TCP performance pays high dividends, regardless of the type of application, for every new connection to your servers. A short list to put on the agenda:
Upgrade server kernel to latest version (Linux: 3.2+).
Ensure that cwnd size is set to 10.
Disable slow-start after idle.
Ensure that window scaling is enabled.
Eliminate redundant data transfers.
Compress transferred data.
Position servers closer to the user to reduce roundtrip times.
Reuse established TCP connections whenever possible.
alexey_m_ukolov, 12 February 2016
For Linux users, ss is a useful power tool to inspect various statistics for open sockets. From the command line, run ss --options --extended --memory --processes --info to see the current peers and their respective connection settings.
alexey_m_ukolov, 12 February 2016
The core principles and their implications remain unchanged: TCP three-way handshake introduces a full roundtrip of latency. TCP slow-start is applied to every new connection. TCP flow and congestion control regulate throughput of all connections. TCP throughput is regulated by current congestion window size. As a result, the rate with which a TCP connection can transfer data in modern high-speed networks is often limited by the roundtrip time between the receiver and sender. Further, while bandwidth continues to increase, latency is bounded by the speed of light and is already within a small constant factor of its maximum value. In most cases, latency, not bandwidth, is the bottleneck for TCP.
alexey_m_ukolov, 12 February 2016
Slow-start is not as big of an issue for large, streaming downloads, as the client and the server will arrive at their maximum window sizes after a few hundred milliseconds and continue to transmit at near maximum speeds — the cost of the slow-start phase is amortized over the lifetime of the larger transfer. However, for many HTTP connections, which are often short and bursty, it is not unusual for the request to terminate before the maximum window size is reached. As a result, the performance of many web applications is often limited by the roundtrip time between server and client: slow-start limits the available bandwidth throughput, which has an adverse effect on the performance of small transfers.
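
The quotes above on the three-way handshake, slow-start and roundtrip time can be checked with a small model. This is an added example, not code from the book or from this page: the 1,460-byte segment size, the 20 KB response and the 56 ms / 5 Mbps link are constructed assumptions, and the model ignores packet loss and the receive window.

```python
import math

MSS = 1460  # assumed payload bytes per TCP segment (1,500-byte MTU, no TCP options)


def slow_start_rounds(transfer_bytes, init_cwnd=10):
    """Roundtrips needed to deliver transfer_bytes on a new connection.

    Simplified model (assumption): the congestion window doubles every
    roundtrip, with no packet loss and no receive-window cap.
    """
    segments_left = math.ceil(transfer_bytes / MSS)
    cwnd, rounds = init_cwnd, 0
    while segments_left > 0:
        segments_left -= cwnd  # one full window is sent per roundtrip
        cwnd *= 2              # slow-start: window doubles once it is ACKed
        rounds += 1
    return rounds


def fetch_time_ms(transfer_bytes, rtt_ms, bandwidth_mbps, init_cwnd=10):
    """Estimated time to fetch a response over a new TCP connection."""
    handshake = rtt_ms  # three-way handshake costs one full roundtrip
    windows = slow_start_rounds(transfer_bytes, init_cwnd) * rtt_ms
    on_the_wire = transfer_bytes * 8 / (bandwidth_mbps * 1000)  # milliseconds
    return handshake + windows + on_the_wire


if __name__ == "__main__":
    size = 20 * 1024  # constructed sample: a 20 KB response
    for label, rtt, mbps, cwnd in [
        ("baseline (56 ms, 5 Mbps, cwnd 4)", 56, 5, 4),
        ("double the bandwidth", 56, 10, 4),
        ("halve the roundtrip time", 28, 5, 4),
        ("raise initial cwnd to 10", 56, 5, 10),
    ]:
        print(f"{label:34s} {fetch_time_ms(size, rtt, mbps, cwnd):7.1f} ms")
```

In this model, halving the roundtrip time saves far more than doubling the bandwidth, and raising the initial congestion window removes a whole roundtrip from the short transfer.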