The Holy Java

Building the right thing, building it right, fast

Archive for November, 2015

Troubleshooting And Improving HTTPS/TLS Connection Performance

Posted by Jakub Holý on November 27, 2015

Our team has struggled with slow calls to the back-end, resulting in unpleasant, user-perceivable delays. While a direct (HTTP) call to a backend REST service took around 50ms, our median time was around 300ms (while using HTTPS and a proxy between us and the service).

We have just decreased that time to median of 80ms by making sure to keep the connections alive and reusing them, which in Node.js can be achieved via using an https.agent and setting its keepAlive: true (see the Node TLS documentation).

PayPal has a couple of additional useful tips in their 4/2014 post Outbound SSL Performance in Node.js, mainly:

  • Disable expensive SSL ciphers (if you don’t need their strength)
  • Enable SSL session resume, if supported by the server, for shorter handshakes – the StrongLoop post “How-to Improve Node.js HTTPS Server Performance” explains how to enable SSL session resume
  • Keep Alive

The article SSL handshake latency and HTTPS optimizations (via Victor Danell) explains the ± 3.5* higher cost of SSL due to the 3 roundtrips need for the handshake (+ key generation time) and shows how to use curl to time connections and their SSL parts, as well as how to use OpenSSL and Tcpdump to learn even more about it.

See also IsTlsFastYet.com for a lot of valuable information, benchmarks etc.

Tools

(See the articles linked to above for examples)

  • curl
  • openssl s_client
  • pathchar by the traceroute author, intended to help to “find the bandwidth, delay, average queue and loss rate of every hop between any source & destination”; there is also pchar, based on it

 

Advertisements

Posted in General | Tagged: , , | Comments Off on Troubleshooting And Improving HTTPS/TLS Connection Performance

Moving Too Fast For UX? Genuine Needs, Wrong Solutions

Posted by Jakub Holý on November 12, 2015

Cross-posted from the TeliaSonera tech blog

Our UX designer and interaction specialist – a wonderful guy – has shocked us today by telling us that we (the developers) are moving too fast. He needs more time to do proper user experience and interface design – talk to real users, collect feedback, design based on data, not just hypotheses and gut feeling. To do this, he needs us to slow down.

We see a common human “mistake” here: where the expression of a genuine need gets mixed in with a suggestion for satisfying it. We are happy to learn about the need and will do our best to satisfy it (after all, we want everybody to be happy, and we too love evidence-based design) but we want to challenge the proposed solution. There is never just one way to satisfy a need – and the first proposed solution is rarely the best one (not mentioning that this particular one goes against the needs of us, the developers).

Read the rest of this entry »

Posted in SW development | Tagged: , , | 1 Comment »