What is TCP Fast Open and how can it speeds up your Backend Application?
Вставка
- Опубліковано 18 вер 2024
- 3 way handshake is expensive, can we avoid it or piggyback content on the handshake? that's what the TCP fast open is about we discuss it in this video
tools.ietf.org...
🏭 Backend Engineering Videos
• Backend Engineering (B...
💾 Database Engineering Videos
• Database Engineering
🛰 Network Engineering Videos
• Network Engineering
🏰 Load Balancing and Proxies Videos
• Proxies
🐘 Postgres Videos
• PostgresSQL
🚢Docker
• Docker
🧮 Programming Pattern Videos
• Programming Patterns
🛡 Web Security Videos
• Web Security
🦠 HTTP Videos
• HTTP
🐍 Python Videos
• Python by Example
🔆 Javascript Videos
• Javascript by Example
👾Discord Server / discord
Become a Member
/ @hnasr
Support me on PayPal
bit.ly/33ENps4
Become a Patreon
/ hnasr
Stay Awesome,
Hussein
you: "yo buddy are ya at home"
buddy: "yep. what's up man?"
you : "i'm out of soda could ya lend me some"
buddy: "seriously? alright here"
-----
you again : "yo buddy open up i know you're here. do you by chance have some popcorn too?"
buddy: "what? do i look like a supermarket to you. ugh but yeah i do have some here."
That's sorta my takeaway from this.
don't repeat 1. if you already know he's home :3
haha well said deserves a pin
I like how you explained the whole concept well without a single image or text. Hoping to see more content like this!
Kashif Minhaj thanks! Some people prefer images and text and I sometimes do that .. always struggling to find a balance thanks for your comment 😊
I thank UA-cam for suggesting videos from this channel. I watched a video from your channel 1 week ago. Since then I see every day.
👍
Aarej Ahmad thank you Aarej for watching 🙏🙏 glad you like the content
I loved the talking head concept. It was great, length was great. Pointing to RFC and reference videos was great. Moar of this please!!
MrZerged thanks for the feedback!!
"Oh, here's one advanced client. Sexy."
He really makes me believe that TCP can be hot.
I feel sorry for finding ur videos, only now. You are Great Teacher. Thankful to u
I like this kind of talking! Hope to see more!
Thank you Hussein, its good subject
Thank you Hussein. Awesome as always!
Anthony Farias 🙏🙏 thanks Anthony!
an attacker stealing that fast open cookie sounds like a very real threat! cool feature though
nice explanation. if you could add a presentation and keep the camera display of yourself at the corner, the concepts would be easier to remember for the viewers
It sounds like a cool hack able to revolutionite the speed of TCP/IP.
My question is how could the sending of fast cookies voiding extra handshake confirmations after the first established connection can affect the security of the packages? Could men in the middle somehow take advantage?
Since only the first TCP packet request from client to server has data in it, man in the middle will only be able to see this data. Further packet request are all encrypted.
I am not sure. @hussien whats your take on this
gmanon correct anyone would be able to intercept the packet and get the tcp cookie and pretend to be the /client/server.. (even if we are not using FAST OPEN) that is why we need TLS and mTLS to present certificates both client and server to really know who we are talking to..
I guess it is a problem we solve at higher level than TCP..
@@hnasr
I heard that if you want speed and don't care much about confirmation or integrity, UDP could be a better be option. Also TLS, I believe works at the application layer.
I don't know. I am new, I appreciate your input on the subject.
Sorry, I don’t know if you mentioned this but how does this work with HTTPS? In the GET request you mentioned, that will be unencrypted right ? For HTTPS, will the first request be TLS setup ?
Emmanuel correct, Good points I should have mentioned that in the video!
HTTPS is HTTP over TLS over TCP. So first thing is TCP, once we establish the connection (3 way handshake) we do TLS then we send the GET request
In TCP fast open with TLS the first SYN will include the TLS client hello and the TFO cookie..
Thanks a lot buddy! This was very helpful! Love from 🇮🇳
Amazing stuff Hussein!
Thanks Poriya! please feel free correct me if I said anything stupid
@@hnasr All good bro. Imma hit you up with something very cool soon.
Thanks so much for this video tutorial.
Roman Tsyupryk roman thanks! Appreciate it
Do clients and servers frameworks have to incorporate/support the TCP Fast Open ?
Correct both client and server must provide TCP Fast Open and this is usually hidden by frameworks but yes you can ask the framework vendors to see if they support that or not
Hi, i have one question: suppose i open a website , then one request for loading files goes (tcp conn, open, files load up and then tcp closes or does it?). Then if i do an api call then does the tcp conn to server have to open again (and the whole cycle for every api call?). I know websockets keep a tcp connection to server open permanently ( or as long as the website is open, and the network is there). Please help.
Saurabh Agrawal )assuming you are using a browser ) it depends on what version of HTTP the server supports
If its HTTP/2 the browser opens one connection and sends all request and keeps it open
If HTTP/1.1 the browser starts with 1 TCP connection and as it wants to send more parallel requests it opens up to 6 connections (sometimes 10) and keep all of them alive.. connections will eventually be closed if the keepalived timeout reached
In HTTP 1.0 (dead now)
Each requests open a new tcp connection sends request and immediately closes..
Watch my HTTP course for details on this
Hyper Text Transfer Protocol Crash Course - HTTP 1.0, 1.1, HTTP/2, HTTP/3
ua-cam.com/video/0OrmKCB0UrQ/v-deo.html
What about the TCP stack cookie being intercepted by the man in the middle. Maybe he can exploit this feature from his side in future.
I think I answered that in another reply, yes MITM can happen with or without the cookie. Only way we know how to prevent it is through certificates
Unfortunately, .net core does not support tcp fast open
4:25 Hahahaha
I forgot I came here to learn about TFO. 😂