Fair queuing is an interesting and complementary approach that I have not considered, thanks for the suggestion. I usually work with "internal" systems that don't always have an obvious "user" identifier, but it would…
I agree that a universal solution sounds difficult. However, it seems like it should be possible to have something that works "well enough" for some (broad) class of servers. My example is TCP, which does a "good…
Exactly right. I just enabled billing on this project. Oops!
This is a good point, although I don't think I said "connections", I said "requests". The definition of requests is going to vary significantly. Yes, very slow clients are yet another problem that extremely robust…
I use App Engine's static file serving to serve my site. It has a 1 GB/day bandwidth limit. It turns out Hacker News still moves a lot of traffic, so this is the first time I've crossed it! Oops. Billing is now enabled…
Awesome this is exactly the sort of system I had in mind when I wrote that article, I'll take a look, thanks!
Thanks for the link, the abstract seems relevant. I agree: a control algorithm seems like it should work. The challenge is figuring out the metrics and parameters to make something that works "well enough" for most…
You make an excellent point: probability says a 4-byte CRC32C provides much weaker guarantees as the length of the message gets longer. These CRCs are typically optimized for pretty short messages, and that is what I…
See the previous Hacker News discussion from October 2015: https://news.ycombinator.com/item?id=10360108 I'm glad people are still interested in this subject. :)
Ah thanks, that makes sense. Fun trade-offs: Either run out of memory when you call fork, or fight with the out-of-memory killer at a later time :)
This is possible, but I find these restrictions to be hard to follow. As soon as you need to call a function, you now need to audit that function to determine that it only calls other async signal safe functions. When…
Thanks for pointing this out! Interesting that the code states that part of the concern is increasing memory usage. I don't quite understand why it would "duplicate the memory usage" since fork uses copy-on-write?…
Fair point. My opinion is that in today's age of multi-core CPUs, shared memory concurrency is extremely useful for making efficient use of computing resources. As a result, I find threads to be unavoidable in most…
You are completely correct! The thing that surprised me is how difficult that can be. For example, on Mac OS X if you want to read the system proxy settings, you magically get threads added to your program that you…
Part of my motivation for writing these things is because after I've wasted so much time, I'd love to help others not do the same. Hopefully the article shows up when you search for the right error message. Its also so…
You are completely correct: it is in fact possible to use fork if you can carefully control the state of threads in your program. My point is that can be difficult in large software projects, particularly when random…
I've been trying to get Docker to include this workaround when it creates containers to ensure people don't run into it, but this has not gotten any attention: https://github.com/docker/docker/issues/18776 Mesos has a…
It might. I don't know enough about them. Anything that routes packets without NAT to a veth device is affected.
Yes, with some caveats: Lots of configurations that use veths use NAT to share the IP address of the host. For example, this is Docker's default configuration. In this case, the host kernel checks the TCP checksum no…
Thanks for the details! This is basically what Vijay and I were guessing by the fact that the MTU is something less than 1500 on Google Compute Engine. The demonstration that Vijay added to the post was done on Google…
Its actually very useful, although very weak. The link layer check, at least in the case of Ethernet, really only protects your data "on the wire". It doesn't protect it inside the switches. It turns out there are…
It turns out that hardware can fail in weird ways. Its not common, but it appears that it is not uncommon that the memory in a network device can go bad. When this happens, lots of packets are corrupted. I have a…
Pretty much. It turns out that marketing is hard. :)
Open sourcing things is hard, and yes we did the classic mistake of "throwing it over the wall" and not being able to give it the time and attention it would need to be successful. We guessed that would likely be the…
Sorry for the delay. The monthly costs (which are actually closer ~$800-1000/month), are a small part. A bigger worry is if we take money from people, we really have some obligation to provide "reasonable" service.…
Fair queuing is an interesting and complementary approach that I have not considered, thanks for the suggestion. I usually work with "internal" systems that don't always have an obvious "user" identifier, but it would…
I agree that a universal solution sounds difficult. However, it seems like it should be possible to have something that works "well enough" for some (broad) class of servers. My example is TCP, which does a "good…
Exactly right. I just enabled billing on this project. Oops!
This is a good point, although I don't think I said "connections", I said "requests". The definition of requests is going to vary significantly. Yes, very slow clients are yet another problem that extremely robust…
I use App Engine's static file serving to serve my site. It has a 1 GB/day bandwidth limit. It turns out Hacker News still moves a lot of traffic, so this is the first time I've crossed it! Oops. Billing is now enabled…
Awesome this is exactly the sort of system I had in mind when I wrote that article, I'll take a look, thanks!
Thanks for the link, the abstract seems relevant. I agree: a control algorithm seems like it should work. The challenge is figuring out the metrics and parameters to make something that works "well enough" for most…
You make an excellent point: probability says a 4-byte CRC32C provides much weaker guarantees as the length of the message gets longer. These CRCs are typically optimized for pretty short messages, and that is what I…
See the previous Hacker News discussion from October 2015: https://news.ycombinator.com/item?id=10360108 I'm glad people are still interested in this subject. :)
Ah thanks, that makes sense. Fun trade-offs: Either run out of memory when you call fork, or fight with the out-of-memory killer at a later time :)
This is possible, but I find these restrictions to be hard to follow. As soon as you need to call a function, you now need to audit that function to determine that it only calls other async signal safe functions. When…
Thanks for pointing this out! Interesting that the code states that part of the concern is increasing memory usage. I don't quite understand why it would "duplicate the memory usage" since fork uses copy-on-write?…
Fair point. My opinion is that in today's age of multi-core CPUs, shared memory concurrency is extremely useful for making efficient use of computing resources. As a result, I find threads to be unavoidable in most…
You are completely correct! The thing that surprised me is how difficult that can be. For example, on Mac OS X if you want to read the system proxy settings, you magically get threads added to your program that you…
Part of my motivation for writing these things is because after I've wasted so much time, I'd love to help others not do the same. Hopefully the article shows up when you search for the right error message. Its also so…
You are completely correct: it is in fact possible to use fork if you can carefully control the state of threads in your program. My point is that can be difficult in large software projects, particularly when random…
I've been trying to get Docker to include this workaround when it creates containers to ensure people don't run into it, but this has not gotten any attention: https://github.com/docker/docker/issues/18776 Mesos has a…
It might. I don't know enough about them. Anything that routes packets without NAT to a veth device is affected.
Yes, with some caveats: Lots of configurations that use veths use NAT to share the IP address of the host. For example, this is Docker's default configuration. In this case, the host kernel checks the TCP checksum no…
Thanks for the details! This is basically what Vijay and I were guessing by the fact that the MTU is something less than 1500 on Google Compute Engine. The demonstration that Vijay added to the post was done on Google…
Its actually very useful, although very weak. The link layer check, at least in the case of Ethernet, really only protects your data "on the wire". It doesn't protect it inside the switches. It turns out there are…
It turns out that hardware can fail in weird ways. Its not common, but it appears that it is not uncommon that the memory in a network device can go bad. When this happens, lots of packets are corrupted. I have a…
Pretty much. It turns out that marketing is hard. :)
Open sourcing things is hard, and yes we did the classic mistake of "throwing it over the wall" and not being able to give it the time and attention it would need to be successful. We guessed that would likely be the…
Sorry for the delay. The monthly costs (which are actually closer ~$800-1000/month), are a small part. A bigger worry is if we take money from people, we really have some obligation to provide "reasonable" service.…