Network performance regressions from TCP SACK vulnerability fixes (databricks.com) 31 points by rxin 6y ago ↗ HN
[–] xyzzy_plugh 6y ago ↗ The article includes no details on what kernel patch they applied, what kernel version is in their AMI, or if they even have SACK enabled.Guess you're on your own, Team Databricks! [–] rxin 6y ago ↗ More coming next week. We believe we got to the bottom of this last night. [–] rxin 6y ago ↗ We posted more details just now. Will share more next week too. [–] [deleted] 6y ago ↗ (comment deleted)
[–] outworlder 6y ago ↗ If true, this is unfortunate for anyone who was forced to apply their workaround in their systems, due to them being flagged by some "compliance" tool, even though they are not even accessible externally.
[–] ryacko 6y ago ↗ Regressions should be expected, because the unpatched code would have less checks to ensure correct operation.
6 comments
[ 4.6 ms ] story [ 27.6 ms ] threadGuess you're on your own, Team Databricks!