AMP cache arithmetic demo about bbs HOT 3 OPEN

This is a report on the performance of the AMP cache arithmetic demo. Also posted at https://www.bamsoftware.com/sec/ampcache-arith-performance/.

• ampcache-arith-performance.zip, source and data for this analysis

The demo can run with or without an AMP cache. With an AMP cache, it can run with or without domain fronting. All tests are divided across 5 conditions:

• Direct to the server at https://www.bamsoftware.com/amp/arith/
• Through the AMP cache https://cdn.ampproject.org/
• Through the AMP cache https://cdn.ampproject.org/, fronted with www.google.com
• Through the AMP cache https://amp.cloudflare.com/
• Through the AMP cache https://amp.cloudflare.com/, fronted with amp.cloudflare.com

The server was a Linode in Dallas, TX. The client was a Linode in Fremont, CA. The round-trip time between them as measured by ping was about 36 ms.

Latency

The chart below shows the distribution of time needed for 1 round-trip with the arithmetic server. Each round-trip was "cold" in that it used a separate client process and therefore did not reuse any previous TCP, TLS, or HTTP session.

The useful upstream payload in this test is 5 bytes 1 + 1 and the useful downstream payload is 12 bytes {"result":2}. There is massive overhead in both directions due to AMP armor encoding.

The mean time for a direct connection is around 300 ms. The connection through the cdn.ampproject.org cache is on the average faster, but more variable. The amp.cloudflare.com cache is slower and still more variable. Fronted connections are perhaps slightly slower than non-fronted, but just barely.

Distribution of times for 1 round-trip with the arithmetic server. There are 200 trials in each condition.

Bandwidth

To test bandwidth, I used trials of n = {1, 10, 100, 1000} consecutive round-trips over a "hot" connection that uses the same TCP, TLS, and HTTP connection. Each individual roundtrip is still isolated within one HTTP request–response pair.

As before, the useful upstream payload in this test is 5 bytes 1 + 1 and the useful downstream payload is 12 bytes {"result":2}.

A direct connection is about twice as fast as the cdn.ampproject.org cache, and about five times as fast as the amp.cloudflare.com cache.

Dividing the total number of bytes transferred by the time taken gives the bandwidth. (Actually goodput, because the useful bytes are a small fraction of the total bytes transmitted.)

Upload bandwidth is 5 n divided by total time.

Upload bandwidth is 12 n divided by total time.

from bbs.

Does it work this way in the program

Yes, that's what it means. The Host header is www-bamsoftware-com.amp.cloudflare.com and the SNI is amp.cloudflare.com.

Unlike the cdn.ampproject.org server, the amp.cloudflare.com server does not support general domain fronting. It only supports fronting with SNI names that are in the certificate. The amp.cloudflare.com certificate supports:

• *.cloudflare.com
• cloudflare.com
• *.dns.cloudflare.com
• *.amp.cloudflare.com
• *.staging.cloudflare.com

from bbs.

Through the AMP cache https://amp.cloudflare.com/, fronted with amp.cloudflare.com

trial "$n" "$expr" "$SERVER" https://amp.cloudflare.com/ amp.cloudflare.com

I don't understand what "fronted" means in here. The address is the same.
Does it work this way in the program :

curl -H "Host: www-bamsoftware-com.amp.cloudflare.com"  https://amp.cloudflare.com/

?

from bbs.