Hacker News | cbsmith's comments

I think you don't understand how NODs work. It's a soul-crushing experience that is far worse than firing people and giving them layoff severance.

Well, on the bright side, the more they talk about how unbreakable the encryption is, the more likely some no-good idiot will have a false sense of security and think that their phone is the logical device to communicate about their plans for one evil plot or another...

Let's just say it wouldn't chew up nearly the kind of resources as is achievable by selectively dropping IP packets for a TCP connection.

I kind of wrote a lot but didn't summarize very well.

A key principle of UDP is quite the contrary of what you are saying. UDP applications can have guarantees that they don't have to engage in MTU discovery or fragmentation issues. It provides a way to have an abstract, static contract about packets that is agnostic to layer-2.

Because UDP is comparatively simple, it has been abused as a proxy to implement your own protocol on top of IP, and in that context you of course really have to deal with all those concerns. However, it is a terrible mistake to think that is what UDP is about or how one should use UDP.

It's like PubSubHubbub, except with JSON instead of XML, and bypassing that whole HTTP protocol that was never going to catch on anyway...

At least in the past, it really was true. I've been burned by this before using UDP in AWS. In AWS, I've learned to be skeptical of using protocols other than TCP. That said, it consequently has been a long time since I've tested UDP over AWS.

Yeah, I've run into this. The point about NAT makes me wonder though if it is really de-prioritization or just the network straining to handle all that recalculation of checksums.

It's legal to send UDP packets with a zero checksum, indicating "no checksum." This can be set at a UDP socket level in Linux. I wonder if that would make any difference?

(Of course this assumes your protocol has some alternate method of verifying transferred data, which many do.)

That is an interesting idea. I'd love to see an experiment to determine if it makes a difference.



SCTP is a pretty good choice. It has been a bit since I used it, but it is a more complex protocol and I recall often running into challenges getting it to perform as efficiently over various bits of network equipment.

Last I checked UDT was far more complex than UDP, and since it is layered on top of UDP, I'd think it'd be vulnerable to this problem (although it had all kinds of logic for correctly sizing packets and windows, so maybe it correctly avoids this problem). Either way though, from an application perspective UDT looks much more like TCP than UDP, so I wouldn't think it'd be an obvious choice to replace UDP.

Yes, just none with Amazon in their name.

Yeah, exactly. When "higher chance of being dropped" is replaced with "guarantee they'll be dropped", you kind of have a huge problem.
