
Network performance regressions from TCP SACK vulnerability fixes - rxin
https://databricks.com/blog/2019/08/01/network-performance-regressions-from-tcp-sack-vulnerability-fixes.html
======
xyzzy_plugh
The article includes no details on what kernel patch they applied, what kernel
version is in their AMI, or if they even have SACK enabled.

Guess you're on your own, Team Databricks!

~~~
rxin
We posted more details just now. Will share more next week too.

------
outworlder
If true, this is unfortunate for anyone who was forced to apply their
workaround in their systems, due to them being flagged by some "compliance"
tool, even though they are not even accessible externally.

------
ryacko
Regressions should be expected, because the unpatched code would have less
checks to ensure correct operation.

