Presentation is loading. Please wait.

Presentation is loading. Please wait.

Putting the Network to Work

Published byHilary Greene Modified over 8 years ago

Similar presentations

Presentation on theme: "Putting the Network to Work"— Presentation transcript:

1 Putting the Network to Work
Manish Vachharajani Senior Architect, F5 Networks

2 Your App vs. the Network The Internet Devices Servers Users

3 Your App vs. the Network (2)
The Internet Devices Router Firewall Servers Users Limited Bandwidth Long Round Trip Times (RTT, aka Ping Time) Poor protocol and web browser interactions

4 High Performance Websites in One Slide
Avoid Render Blocking by Scripts Avoid Render Blocking by CSS Minify HTML Minify Javascript Minify CSS Optimize Images Avoid Landing Page Redirects Prioritize Visible Content Leverage Browser Caching Reduce Server Response Time Optimize TCP for client networks Route clients to the best datacenter Use SSL False start Enable SSL Reuse Use OCSP stapling Use HSTS

5 Network Waterfall Timing Diagram
Web Page Test (

6 Javascript and the Network

7 Transport Compression
Increased Latency Transport Compression After compression 1.5 seconds faster Before Compression

8 CSS and the Network

9 Images, other External Resources and the Network
CSS cascade 150 kB Images

10 Semantic Compression – Minification and JPG
PNG Is BEtter UglifyCSS, … JPG is Better UglifyJS, …

11 Inlining Content Gross! But Effective!
SPDY and HTTP/2.0 Resolve Connection Blocking with multiple Streams Per Connection

12 RTT and Connection Establishment
Server Client Speed Of Light, NY to London is 28 ms 1.5 RTT = 84ms SYN 56 ms SYN/ACK ACK HTTP Request RTT is primarily controlled by ISP infrastructure Cannot reduce RTT Except by moving TCP end points closer to the client CDN, proper DNS resolution to closest datacenter

13 Now add TLS/SSL Client Server SYN SYN/ACK ACK/Client Hello
Server Hello/Cert/etc. 224 ms ClientKeyExchange/Ciphers Ciphers HTTP Request

14 Optimize SSL Score your site: https://www.ssllabs.com/ssltest/
See istlsfastyet.com for suggestions Session resumption (i.e., reuse, caching ok, tickets preferred) reduces RTs To 168 ms in prior example (1 RT) SSL False Start Concurrently transmit application data with ClientKeyExchange Overlaps application data transfer with session establishment, hiding latency Early Termination Terminate connections closer to the end client OCSP Stapling Eliminate network traffic for client to validate server certificate HTTP Strict Transport Security Avoid HTTP to HTTPS redirect on subsequent visits

15 Lots of Other Stuff There are dozens of talks about how to best do each of these things, and avoid the problems. There are other effects and optmizations I have not even discussed here, and are not covered by Google Page Speed and other tools

16 F5 BIG IP The Internet Servers Users Devices
DNS, Firewall, Load Balancing, Content Optimization, TCP optimization, SSL Acceleration, … BIG-IP Platform Servers Users

17 BIG IP Examples The Internet GET /index.html HTTP/1.1
Devices The Internet DNS, Firewall, Load Balancing, Content Optimization, TCP optimization, SSL Acceleration, … BIG-IP Platform Servers GET /index.html HTTP/1.1 GET /index.html HTTP/1.1 TCP Optimized SSL Optimized Cache Headers Added Optional Caching URL rewriting (CDN, etc.) SPDY, HTTP/2.0 GET /index.css HTTP/1.1 Returns minified index.html minified inlined index.css, inlined imports inlined and minified index.js inlined images, etc. (inlining, minification configurable) GET /index.js HTTP/1.1

18 BIG IP Form Factors and Availability
Hardware, Virtual Machine, Cloud Marketplace VMWare, Xen, KVM, and AWS Marketplace, BYOL in other clouds More deployment options going forward

19 LineRate Node.js in the datapath
Bare Metal or VM (high performance or high density) Fully automated deployment via true REST API Download and buy at linerate.f5.com

20 Booth #508

Download ppt "Putting the Network to Work"

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.

Hypertext Transfer PROTOCOL ----HTTP Sen Wang CSE5232 Network Programming.
Advanced Windows Azure: Infrastructure as a service (IaaS)

Advanced Windows Azure: Infrastructure as a service (IaaS)
Traffic Infrastructure ©2013 LinkedIn Corporation. All Rights Reserved. HTTP/2 and a faster Web What it is, what it does and what does it mean.

Traffic Infrastructure ©2013 LinkedIn Corporation. All Rights Reserved. HTTP/2 and a faster Web What it is, what it does and what does it mean.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
SPDY - Clean Slate HTTP About SPDY o What is SPDY o Goals o Features About HTTP o Simple HTTP o Pipelining for cuncurrency o Pipelining doesn’t help SPDY.

SPDY - Clean Slate HTTP About SPDY o What is SPDY o Goals o Features About HTTP o Simple HTTP o Pipelining for cuncurrency o Pipelining doesn’t help SPDY.
By Jory Cohen Made for CISC856, Spring 2010 Thanks to Dr. Amer, Mike Belshe(Google), Jon Leighton.

By Jory Cohen Made for CISC856, Spring 2010 Thanks to Dr. Amer, Mike Belshe(Google), Jon Leighton.
Sikker adgang fra alle devices edgemo summit CPH maj 2014.

Sikker adgang fra alle devices edgemo summit CPH maj 2014.
1 Content Delivery Networks iBAND2 May 24, 1999 Dave Farber CTO Sandpiper Networks, Inc.

1 Content Delivery Networks iBAND2 May 24, 1999 Dave Farber CTO Sandpiper Networks, Inc.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
CSE 190: Internet E-Commerce Lecture 16: Performance.

CSE 190: Internet E-Commerce Lecture 16: Performance.
EEC-484/584 Computer Networks Discussion Session for HTTP and DNS Wenbing Zhao

EEC-484/584 Computer Networks Discussion Session for HTTP and DNS Wenbing Zhao
CDNs & Replication Prof. Vern Paxson EE122 Fall 2007 TAs: Lisa Fowler, Daniel Killebrew, Jorge Ortiz.

CDNs & Replication Prof. Vern Paxson EE122 Fall 2007 TAs: Lisa Fowler, Daniel Killebrew, Jorge Ortiz.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Performance Comparison of Congested HTTP/2 Links Brian Card, CS 577 12/7/2014 1.

Performance Comparison of Congested HTTP/2 Links Brian Card, CS /7/
Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to www.google.com, but don’t know the IP addresswww.google.com Solution.

Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to but don’t know the IP addresswww.google.com Solution.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Network. Add speed of light and speed in fiber Inspired by High Performance Browser Networking (Ilya Grigorik) Even Faster Web Sites (Steve Souders)

Network. Add speed of light and speed in fiber Inspired by High Performance Browser Networking (Ilya Grigorik) Even Faster Web Sites (Steve Souders)
Mark Phillip markphillip.com 200s, 304s, Expires Headers, HTTP Compression, And You.

Mark Phillip markphillip.com 200s, 304s, Expires Headers, HTTP Compression, And You.

Similar presentations

Ads by Google