The Linux Performance and Security Blog
1 October 2023
Tempesta FW 0.7: WordPress, HTTP/2 and the fastest TLS
You probably noticed that the website looks different. It not only looks different, but the whole machinery is different. We...
23 February 2022
Understanding Nginx tail latencies
We traced Nginx running on a 80 CPU server as a CDN node in one of the world largest Internet exchange point. We revealed that a ligh-weight monitoring process may cause severe latencies due to the Linux CPU scheduler. During the investigations we had a lot of fun with eBPF and perf.
Learn how to build a high performance billing system for video conferencing services. This article studies the case of a lean startup who we helped to with building the system. We focus not only on the system performance, but also how to make it with as low budget as possible.
It might sound strange, but database performance does depend on used encodings. In this post we explore why and compare performance on different encodings for MariaDB and MySQL.
29 April 2021
Non-hierarchical caching for CDN
The recent paper "The Storage Hierarchy is Not a Hierarchy: Optimizing Caching on Modern Storage Devices with Orthus" proposes interesting extension for traditional caching. The approach might be beneficial in Video on demand (VOD) content delivery networks (CDN) challenged by large amount of stored data and high throughput requirements.
28 October 2020
Fast programming languages: C, C++, Rust, and Assembly
We explore several practical performance critical tasks and how they can be solved in C, C++, Rust, and Assembly programming languages. We mostly focus on the speed, but also consider developer productivity and the programs safety. You might be surprised that solving some tasks in Assembly might be more productive than in C programming language!
Small businesses are the backbone of the American economy, but the COVID 19 pandemic hurts the sector more than most. That is why our mission is to help small businesses grow even during these difficult times.
15 June 2020
User space TCP?
Kernel bypass technologies like DPDK and Netmap are popular for development of high speed network applications. In this article we discuss user space TCP/IP stacks and their applicability for HTTPS servers.
25 March 2020
Web application firewall acceleration
From our experience in developing custom core logic of Web Application Firewalls (WAF), we learned several performance issues typical for the most, or even all, modern WAFs which may lead to high cost of ownership and/or denial of service. In this article we introduce a WAF accelerator, which like a web accelerator, improves performance of WAFs and protects them against DDoS attacks.
12 December 2019
CPDoS: Cache Poisoned Denial of Service
Being a light-weight web application firewall, Tempesta FW takes care about prevention of well-known web cache deception and poisoning attacks. However, recently a new attack of the web cache poisoning class, Cache-Poisoned Denial-of-Service (CPDoS), has appeared and made us to extend our HTTP parser to prevent the attack.
14 November 2019
Review of Google Snap paper
Read our review of Google paper "Snap: a Microkernel Approach to Host Networking" presented on ACM SIGOPS 27th Symposium on OperatingSystems Principles (SOSP 2019). We compare the Snap approach with Temepsta FW synchronous sockets.
3 November 2019
Recap NatSys Lab. blog
We recap the most interesting posts since 2011 from our old NatSys Laboratory blog: effect of the recent CPU vulnerabilities onto Linux system calls performance, deep dive into HTTP proxies functionality and performance comparison of Tempesta FW with Nginx and HAProxy, fast strings processing algorithms, lock-free data structures, and memory allocators. A lot of technical details!