Putting the Network to Work

Slides:

Advertisements

Similar presentations

Enabling Secure Internet Access with ISA Server

Advertisements

Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.

Advanced Windows Azure: Infrastructure as a service (IaaS)

Traffic Infrastructure ©2013 LinkedIn Corporation. All Rights Reserved. HTTP/2 and a faster Web What it is, what it does and what does it mean.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

SPDY - Clean Slate HTTP About SPDY o What is SPDY o Goals o Features About HTTP o Simple HTTP o Pipelining for cuncurrency o Pipelining doesn’t help SPDY.

By Jory Cohen Made for CISC856, Spring 2010 Thanks to Dr. Amer, Mike Belshe(Google), Jon Leighton.

Sikker adgang fra alle devices edgemo summit CPH maj 2014.

1 Content Delivery Networks iBAND2 May 24, 1999 Dave Farber CTO Sandpiper Networks, Inc.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

CSE 190: Internet E-Commerce Lecture 16: Performance.

EEC-484/584 Computer Networks Discussion Session for HTTP and DNS Wenbing Zhao

CDNs & Replication Prof. Vern Paxson EE122 Fall 2007 TAs: Lisa Fowler, Daniel Killebrew, Jorge Ortiz.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

Performance Comparison of Congested HTTP/2 Links Brian Card, CS /7/

Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to but don’t know the IP addresswww.google.com Solution.

1 Enabling Secure Internet Access with ISA Server.

Network. Add speed of light and speed in fiber Inspired by High Performance Browser Networking (Ilya Grigorik) Even Faster Web Sites (Steve Souders)

Mark Phillip markphillip.com 200s, 304s, Expires Headers, HTTP Compression, And You.

CS 4700 / CS 5700 Network Fundamentals Lecture 17.5: Project 5 Hints (Getting a job at Akamai) Revised 3/31/2014.

Performance, SEO, Accessibility Ivan Zhekov Telerik Corporation

Managing Client Access

Course 201 – Administration, Content Inspection and SSL VPN

1 Caching  Temporary storage of frequently accessed data (duplicating original data stored somewhere else)  Reduces access time/latency for clients 

IT 210 The Internet & World Wide Web introduction.

Barracuda Load Balancer Server Availability and Scalability.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

 Zhichun Li  The Robust and Secure Systems group at NEC Research Labs  Northwestern University  Tsinghua University 2.

DNN Performance & Scalability Planning, Evaluating & Improving : Part 2.

DNS and HTTP. Finally, the application layer! We have learned about: – Signals being sent on wires – Frames carried over dumb local networks – Packets.

UDgateway WAN Optimization. 1. Why UDgateway? All-in-one solution Value added services – Networking project requirements Optimize IP traffic on constrained.

{ Content Distribution Networks ECE544 Dhananjay Makwana Principal Software Engineer, Semandex Networks 5/2/14ECE544.

Chapter 6: Packet Filtering

Building Highly Scalable Websites Karol Jarkovsky Sr. Solution Architect

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

Deploying XenApp and XenDesktop with BIG-IP Brent Imhoff – Field Systems Engineer Gary Zaleski – Solutions Architect Michael Koyfman – Solutions Architect.

Orbited Scaling Bi-directional web applications A presentation by Michael Carter

Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.

CSE 461 HTTP and the Web. This Lecture  HTTP and the Web (but not HTML)  Focus  How do Web transfers work?  Topics  HTTP, HTTP1.1  Performance Improvements.

Web Design (1) Terminology. Coding ‘languages’ (1) HTML - Hypertext Markup Language - describes the content of a web page CSS - Cascading Style Sheets.

Networking Fundamentals. Basics Network – collection of nodes and links that cooperate for communication Nodes – computer systems –Internal (routers,

Integrating and Troubleshooting Citrix Access Gateway.

PERFORMANCE ENHANCEMENT IN ASP.NET By Hassan Tariq Session #1.

2007cs Servers on the Web. The World-Wide Web 2007 cs CSS JS HTML Server Browser JS CSS HTML Transfer of resources using HTTP.

Web Technologies Lecture 1 The Internet and HTTP.

Restricted © Siemens AG All rights reserved A Developer’s Insights Into Performance Optimizations for Mobile Web Apps CT DC AA EM LP2 | June 2015.

Computer Network Architecture Lecture 6: OSI Model Layers Examples 1 20/12/2012.

Web Cache. What is Cache? Cache is the storing of data temporarily to improve performance. Cache exist in a variety of areas such as your CPU, Hard Disk.

John S. Otto Mario A. Sánchez John P. Rula Fabián E. Bustamante Northwestern, EECS.

WHAT'S THE DIFFERENCE BETWEEN A WEB APPLICATION STREAMING NETWORK AND A CDN? INSTART LOGIC.

Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.

End-host IP: MAC: 11:11:11:11:11 gateway IP: MAC: 22:22:22:22:22 Google server IP: interne t interface DNS server IP:

MICROSOFT AJAX CDN (CONTENT DELIVERY NETWORK) Make Your ASP.NET site faster to retrieve.

Enhance Your Page Load Speed And Improve Traffic.

Andrew Lahiff HEP SYSMAN June 2016 Hiding infrastructure problems from users: load balancers at the RAL Tier-1 1.

Presented by Michael Rainey South Mississippi Linux Users Group

NodeJS Security Using PassportJS and HelmetJS:

How HTTP Works Made by Manish Kushwaha.

COMP2322 Lab 6 TCP Steven Lee Mar 29, 2017.

Ad-blocker circumvention System

A10 Networks vThunder Leverages the Powerful Microsoft Azure Cloud Platform to Offer Advanced Layer 4-7 Networking, Security on a Global Scale MICROSOFT.

Web Caching? Web Caching:.

Utilization of Azure CDN for the large file distribution

Hints and tips for faster web apps

CSE 461 HTTP and the Web.

Protocol Application TCP/IP Layer Model

Route web traffic using Azure CLI

CSCI-351 Data communication and Networks

Presentation transcript:

Putting the Network to Work Manish Vachharajani Senior Architect, F5 Networks

Your App vs. the Network The Internet Devices Servers Users

Your App vs. the Network (2) The Internet Devices Router Firewall Servers Users Limited Bandwidth Long Round Trip Times (RTT, aka Ping Time) Poor protocol and web browser interactions

High Performance Websites in One Slide Avoid Render Blocking by Scripts Avoid Render Blocking by CSS Minify HTML Minify Javascript Minify CSS Optimize Images Avoid Landing Page Redirects Prioritize Visible Content Leverage Browser Caching Reduce Server Response Time Optimize TCP for client networks Route clients to the best datacenter Use SSL False start Enable SSL Reuse Use OCSP stapling Use HSTS

Network Waterfall Timing Diagram Web Page Test (www.webpagetest.org)

Javascript and the Network

Transport Compression Increased Latency Transport Compression After compression 1.5 seconds faster Before Compression

CSS and the Network

Images, other External Resources and the Network CSS cascade 150 kB Images

Semantic Compression – Minification and JPG PNG Is BEtter UglifyCSS, … JPG is Better UglifyJS, …

Inlining Content Gross! But Effective! SPDY and HTTP/2.0 Resolve Connection Blocking with multiple Streams Per Connection

RTT and Connection Establishment Server Client Speed Of Light, NY to London is 28 ms 1.5 RTT = 84ms SYN 56 ms SYN/ACK ACK HTTP Request RTT is primarily controlled by ISP infrastructure Cannot reduce RTT Except by moving TCP end points closer to the client CDN, proper DNS resolution to closest datacenter

Now add TLS/SSL Client Server SYN SYN/ACK ACK/Client Hello Server Hello/Cert/etc. 224 ms ClientKeyExchange/Ciphers Ciphers HTTP Request

Optimize SSL Score your site: https://www.ssllabs.com/ssltest/ See istlsfastyet.com for suggestions Session resumption (i.e., reuse, caching ok, tickets preferred) reduces RTs To 168 ms in prior example (1 RT) SSL False Start Concurrently transmit application data with ClientKeyExchange Overlaps application data transfer with session establishment, hiding latency Early Termination Terminate connections closer to the end client OCSP Stapling Eliminate network traffic for client to validate server certificate HTTP Strict Transport Security Avoid HTTP to HTTPS redirect on subsequent visits

Lots of Other Stuff There are dozens of talks about how to best do each of these things, and avoid the problems. There are other effects and optmizations I have not even discussed here, and are not covered by Google Page Speed and other tools

F5 BIG IP The Internet Servers Users Devices DNS, Firewall, Load Balancing, Content Optimization, TCP optimization, SSL Acceleration, … BIG-IP Platform Servers Users

BIG IP Examples The Internet GET /index.html HTTP/1.1 Devices The Internet DNS, Firewall, Load Balancing, Content Optimization, TCP optimization, SSL Acceleration, … BIG-IP Platform Servers GET /index.html HTTP/1.1 GET /index.html HTTP/1.1 TCP Optimized SSL Optimized Cache Headers Added Optional Caching URL rewriting (CDN, etc.) SPDY, HTTP/2.0 … GET /index.css HTTP/1.1 Returns minified index.html minified inlined index.css, inlined imports inlined and minified index.js inlined images, etc. (inlining, minification configurable) GET /index.js HTTP/1.1

BIG IP Form Factors and Availability Hardware, Virtual Machine, Cloud Marketplace VMWare, Xen, KVM, and AWS Marketplace, BYOL in other clouds More deployment options going forward

LineRate Node.js in the datapath Bare Metal or VM (high performance or high density) Fully automated deployment via true REST API Download and buy at linerate.f5.com

Booth #508