Igeometry Podcast

I’m a big believer that database systems share similar core fundamentals at their storage layer and understanding them allows one to compare different DBMS objectively. For example, How documents are stored in MongoDB is no different from how MySQL or PostgreSQL store rows. Everything goes to disk, the trick is to fetch what you need from disk efficiently with as fewer I/Os as possible, the rest is API.  In this video I discuss the evolution of MongoDB internal architecture on how documents are stored and retrieved focusing on the index storage representation. I assume the reader is well versed with fundamentals of database engineering such as indexes, B+Trees, data files, WAL etc, you may pick up my database course to learn the skills. Let us get started. Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://netw

The User Interface/User Experience has great impact on the backend architecture and scalability. In this podcast I discuss three UI/UX that affected backend design and scalability. 0:00 Intro 1:40 UI vs UX 4:30 Google Chrome OmniBox 12:30 1 out of X Page 20:00 YouTube Notification Resources https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/ Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com

In this video I explain how DHCP work and how it updates DNS entries for new hosts joining the network. I'll also mention Zero Config 0:00 Intro 1:00 the Network configuration 6:00 Showing DHCP in Wireshark 6:30 DHCP Discover 14:40 DHCP Offer 19:00 DHCP Request 21:30 DHCP ACK 22:00 How DHCP Updates DNS 26:15 Zero Configuration (mDNS, Link-local) Resources Dhcp https://datatracker.ietf.org/doc/html/rfc1541 Dynamic updates , dhcp RFC2136 https://datatracker.ietf.org/doc/html/rfc2136 https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/xe-3se/3850/dhcp-xe-3se-3850-book/dhcp-client-option-12.pdf RFC 1497 https://www.rfc-editor.org/rfc/rfc1497.html https://www.rfc-editor.org/rfc/rfc6762#ref-Zeroconf Link-local https://www.rfc-editor.org/rfc/rfc3927

Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com Certificates provide a way to authenticate both the server and the client and are included as part of the TLS handshake. However, the certificates can be large because the full certificate chain is included in the handshake. The large certificates can go up to 10KB in size and take multiple segments to deliver and assemble. RFC 8879 discusses how TLS compression can be achieved, I discuss that in this podcast. Enjoy. 0:00 Intro 4:15 Certificate Chain 6:00 Faking the chain 8:50 Certificate Stores 10:30 Including ROOT cert in the chain 12:00 The performance penalty of large certificate chain 20:15 RFC 8879 TLS Certificate Compression 23:00 How Compression Works in TLS 1.2 vs TLS 1.3 30:30 What could go wrong? Resources https://datatracker.ietf.org/doc/rfc8879/ https://www.rfc-editor.org/rfc/rfc5246 https://www.rfc-editor.org/rfc/rfc6928.html

Two new vulnerabilities in openssl were discovered, we discuss them in this video https://www.openssl.org/news/secadv/20221101.txt

Google recent paper on protective load balancing in TCP attempts to improve packet drops and latency by making the host change the flow path using the IPv6 Flow label. The Linux kernels gets the PLB support in Linux 6.2 this December, let us discuss with this is.   

In this episode of the backend engineering show I go through an article I wrote discussing NodeJS Asynchronous I/O https://medium.com/@hnasr/when-nodejs-i-o-blocks-327f8a36fbd4 Learn the fundamentals of network engineering, get my udemy course https://network.husseinnasser.com Buy me a coffee if you liked this  https://www.buymeacoffee.com/hnasr 0:00 3:00 Part 1 Socket/IO 9:48 Part 2 File I/O 12:42 Part 3 DNS 16:22 Part 4 NodeJS Single Threaded 19:10 Part 5 NodeJS Thread Pool 21:23 Part 6 DNS lookup bottleneck in Node

Buy me a coffee if you liked this https://www.buymeacoffee.com/hnasr In this podcast I explain the NGINX internal process architecture, how NGINX spins up multiple processes per core, how each process is pinned to a CPU core for minimum context switching,  how NGINX accepts connections , parses requests and talks to the backend.   Get my introduction to NGINX udemy course  https://nginx.husseinnasser.com

Cloudflare identified several limitations in NGINX architecture and decided to write their own reverse proxy. 0:00 Intro 1:53 What NGINX is used for 3:37 NGINX Architecture 7:52 NGINX Limitations 17:12 Cloudflare Pingora Buy me a coffee if you liked this https://www.buymeacoffee.com/hnasr Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Introduction to NGINX (link redirects to udemy with coupon) https://nginx.husseinnasser.com Python on the Backend (link redirects to udemy with coupon) https://python.husseinnasser.com Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

In this episode of the backend engineering show I discuss the evolution of multi-threading apps, their pros and cons and then I go through 5 threading model and how they interleave with backend connection management between the threads and requests handlings. Enjoy To learn more about networking fundamentals check out my udemy course Fundamentals of Networking for Effective Backends Head to https://network.husseinnasser.com for a discount coupon 0:00 Intro 2:00 Single Threading 6:30 Multi-Threading 14:15 Connection Listener 20:15 How Connections are Established 29:00 Single Listener/Worker thread 33:30 Single Listener, Multiple Worker threads 39:00 Single Listener, Multiple Workers with load balancing 42:10 Multiple Listeners on the same port (SO_REUSEPORT) 45:20 Multiple Single Threaded Backend

Memcached is an in memory cache with one major feature be a transient cache. Memcached has a very simple design. It was originally designed to help with database load by storing the query result in memory to avoid further querying the database. By default it has no authentication, a simple text protocols, servers don’t talk to each other. This video discuss the architecture of the cache, design choices and have some critics of the design choices. I go through a demo at the end using docker, telnet and nodes. Enjoy 0:00 Intro 4:40 What is Memcached? 7:45 Memory management 16:00 LRU 25:17 Threading and Connections 30:40 Read Example 34:30 Write Example 36:17 Write and Read collisions 39:40 Locking 40:30 Distributed Cache 43:30 Memcached with Docker/Telnet/NodeJS 45:00 Spin up a Memcached Docker container and telnet 52:17 Memcached and NodeJS 56:15 Four Memached Servers with NodeJS 01:01:00 Summary Resources https://www.cloudflare.com/learning/ddos/memcached-ddos-attack/ https://holmeshe.me/understanding-memcach

In this episode of the backend engineering show I go through the main job of the network interface controller (NIC for short) and how the datacenter is pushing it to the limit by allowing it to do more TCP/IP processing, creating what is being popularized as smartNIC. 0:00 Intro 1:20 What is a NIC? 3:40 NIC job 8:00 When does the OS get involved 12:40 Promiscuous mode 14:00 SmartNIC 18:30 Disadvantages Resources https://developer.nvidia.com/networking/ethernet-adapters https://www.theregister.com/2022/08/11/smartnics_network_market/ https://arxiv.org/abs/1803.09615 Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com --- Support this podcast: https://anchor.fm/hnasr/support

In this episode of the backend engineering show I discuss consistent hashing a very important algorithm in distributed computing specially in database systems such as Apache Cassandra and DynamoDB. 0:00 Intro 2:00 Problem of Distributed Systems 5:00 When to Distribute 7:00 Simple Hashing 9:30 Where Simple Hashing Breaks 11:40 Consistent Hashing 18:00 Adding a Server 21:15 Removing a Server 22:30 Limitations --- Support this podcast: https://anchor.fm/hnasr/support

In this episode of the backend engineering show I go through and discuss the Homa Protocol paper which attempts to replace TCP as a protocol in the data centers. I learned a lot from this paper, I have my criticisms of certain aspects, timestamps for topics discussed below. It appears there is a path to replace TCP in the datacenter and professor John tries to explain this path. Referenced materials mentioned in the episode Overview paper https://web.stanford.edu/~ouster/cgi-bin/papers/replaceTcp.pdf Homa 2018 paper (Details) https://people.csail.mit.edu/alizadeh/papers/homa-sigcomm18.pdf NIC Offloading in Linux https://en.wikipedia.org/wiki/TCP_offload_engine#Support_in_Linux Curl disabling Nigel Algo https://github.com/curl/curl/commit/4732ca5724072f132876f520c8f02c7c5b654d9 0:00 Intro 3:00 The nature of networking data center 5:30 TCP Segments 7:30 There is no “Request” in TCP 12:00 What so unique about Data centers? 14:00 Message Throughput vs Data throughput 18:25 Congestion Control 22:38 Homa’s Congest

ByteDance, the company behind TikTok is proposing few patches to the linux kernel to make kernel reboots via kexec go from 500ms down to 15 ms saving huge time in updating kernel on thousands of machines. Let us discuss this 0:00 Intro 1:30 Linux Kernel Reboot Options 2:30 how kexec works 4:00 The optimization 5:00 Going through the patch 6:00 Updating Servers at TikTok scale 9:00 Summary https://www.phoronix.com/news/Bytedance-Faster-Kexec-Reboot https://lore.kernel.org/lkml/20220725083904.56552-1-huangjie.albert@bytedance.com/ --- Support this podcast: https://anchor.fm/hnasr/support

We discuss the CVE-2022-2274 OpenSSL Vulnerability. The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. 0:00 Intro 1:00 CVE-2022-2274 3:00 AVX512IFMA CISC 5:00 How the bug works 7:10 How can it be triggered Resources https://www.openssl.org/news/secadv/20220705.txt https://github.com/openssl/openssl/issues/18625 https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/ https://eprint.iacr.org/2018/335 https://github.com/openssl/openssl/commit/4d8a88c134df634ba610ff8db1eb8478ac5fd345 https://linux.die.net/man/3/bn_internal https://www.microfocus.com/documentation/enterprise-developer/ed60/ES-WIN/GUID-E3960B1E-C42E-4748-

Postgres 15 introduces a new syntax to treat nulls as not distinct. This will allow developers to create a unique constraint on nullable fields and have inserts with nulls fail instead of having it allowed based on today's standard. Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com https://blog.rustprooflabs.com/2022/07/postgres-15-unique-improvement-with-null https://www.postgresql.org/message-id/flat/84e5ee1b-387e-9a54-c326-9082674bde78%40enterprisedb.com --- Support this podcast: https://anchor.fm/hnasr/support

memchr() is a function that searches in a memory block for a character, this has been recently improved in the latest linux patch and we can learn something from this improvement I think, lets discuss. https://www.phoronix.com/scan.php?page=news_item&px=Linux-Kernel-Faster-memchr Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com --- Support this podcast: https://anchor.fm/hnasr/support

Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL major version 14 (14.3). Let us discuss this news. https://aws.amazon.com/about-aws/whats-new/2022/06/amazon-aurora-supports-postgresql-14/ 0:00 Intro 1:00 Database on the Cloud options 3:45 Amazon Aurora supports Postgres 14 6:00 Postgres 14 vs Postgres 13 --- Support this podcast: https://anchor.fm/hnasr/support

Rogers Communications, the Canadian ISP is down. One of its ASNs (they have many) is AS812 with over 5 million IP addresses. Tried a few and none of them can be pinged from the US (not sure if ICMP is disabled or not) This is a huge deal for all Canadians and businesses affected. So sorry for every one who is affected by this, and kudus to all the engineers at Rogers working to fix this for the past what? 11 hours now? If an ASN goes dark like a Facebook or a Cloudflare that isn't a big deal you can go without using Facebook for a day. But if this is your ISP's ASN that connects you to the rest of the World goes down, actual users won't be able to connect. We still don't know the cause but my guess it might be a bad BGP entry? that's what happened to Cloudflare or FB, could be something different. again so sorry for all my Canadian followers affected. Will make a video when I get a chance Resources https://www.bigdatacloud.com/asn-lookup/AS812 https://www.bigdatacloud.com/asn-lookup/AS7018 --- Support this