WebPerf [Dropbox] Optimizing web servers for high throughput and low latency

eva2000 · Sep 7, 2017

Nice article by folks at Dropbox https://blogs.dropbox.com/tech/2017/09/optimizing-web-servers-for-high-throughput-and-low-latency/

This is an expanded version of my talk at NginxConf 2017 on September 6, 2017. As an SRE on the Dropbox Traffic Team, I’m responsible for our Edge network: its reliability, performance, and efficiency. The Dropbox edge network is an nginx-based proxy tier designed to handle both latency-sensitive metadata transactions and high-throughput data transfers. In a system that is handling tens of gigabits per second while simultaneously processing tens of thousands latency-sensitive transactions, there are efficiency/performance optimizations throughout the proxy stack, from drivers and interrupts, through TCP/IP and kernel, to library, and application level tunings.
Click to expand...

RoldanLT · Sep 8, 2017

Centminmod doesn't use this why?

net.ipv4.tcp_mtu_probing=1—useful if there are ICMP blackholes between you and your clients(most likely there are).

Click to expand...

pamamolf · Sep 8, 2017

Don't know if enabling this may help attackers to use such packets to attack or not?

#recommended for hosts with jumbo frames enabled
net.ipv4.tcp_mtu_probing=1

eva2000 · Sep 8, 2017

Alot of the advanced optimisations outlined in that article would need a good understanding of it's implications for specific usage scenarios so like the article says, test for your circumstances and usage and see if it works for you.
Missing ICMP “Packet too big” notifications can result in connections stalling and timing out. This is often called a PMTU blackhole. To aid this pessimistic case Linux implements a workaround - MTU Probing RFC4821. MTU Probing tries to automatically identify packets dropped due to the wrong MTU, and uses heuristics to tune it. This feature is controlled via a sysctl:
Code (Text):
$ echo 1 > /proc/sys/net/ipv4/tcp_mtu_probing
But MTU probing is not without its own issues. First, it tends to miscategorize congestion-related packet loss as MTU issues. Long running connections tend to end up with a reduced MTU. Secondly, Linux does not implement MTU Probing for IPv6.
Click to expand...

Log in / Register

Forums

Join the community today

WebPerf [Dropbox] Optimizing web servers for high throughput and low latency

eva2000 Administrator Staff Member

RoldanLT Well-Known Member

pamamolf Well-Known Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Join the community today

WebPerf [Dropbox] Optimizing web servers for high throughput and low latency

eva2000 Administrator Staff Member

RoldanLT Well-Known Member

pamamolf Well-Known Member

eva2000 Administrator Staff Member

.