Fei has over 10 years of development experience at Tencent and Sogou. Through this account, he shares his deep insights on performance.
This article explains the internal mechanisms of tcpdump, showing how it registers a virtual protocol in the kernel's ptype_all list to intercept packets during both receive and transmit paths, how netfilter interacts with these paths, and provides guidance for building a custom packet‑capture program.
This article explains how to detect full and half TCP connection queue overflows on Linux servers by interpreting netstat -s output, examining relevant kernel MIB counters, and reviewing the underlying source code, while also offering practical tips for accurate monitoring.
This article explains the fundamentals of IO events and IO multiplexing, compares thread‑based and event‑driven models, details the Reactor pattern variants, and discusses synchronous versus asynchronous IO, providing a practical guide for building high‑performance network frameworks in Linux.
This article examines common TCP handshake anomalies in backend systems, detailing how client port exhaustion and server-side connection queue overflows cause packet loss and latency spikes, while providing kernel-level insights and practical configuration strategies to optimize network performance and ensure reliable service availability.
This article explains the complete kernel‑level implementation of the TCP three‑way handshake, covering server listen queue allocation, client connect state handling, SYN/SYN‑ACK processing, syncookie protection, timer management, socket creation, and the accept path, with detailed code examples.
This article presents a comprehensive overview of the open‑source Workflow framework by Sogou, highlighting its high‑performance asynchronous architecture, rich feature set, practical C++ code examples for building servers and clients, and detailed explanations of its task‑flow and timer implementations for backend developers.
This article explains iptables fundamentals, its table and chain architecture, common command syntax with practical examples, and demonstrates how iptables is leveraged in Kubernetes and Istio Service Mesh to intercept and redirect pod traffic for advanced service‑mesh capabilities.
This article explores why a server must call listen() before accept() by dissecting the Linux kernel's listen system call, its interaction with socket objects, and how the kernel calculates and initializes the full and half‑connection queues based on backlog and system parameters.
This article explains why reading Linux kernel source matters, advocates starting from real‑world problems, contrasts a "carpet‑bombing" approach with a precision‑guided method, and shares concrete tools, resources, and step‑by‑step tips for efficiently exploring kernel code.
On Linux, the client port used in a TCP connection is selected either by the kernel during the connect system call—randomly scanning the ip_local_port_range while respecting reserved ports—or by a prior bind call, with detailed kernel functions such as inet_hash_connect and __inet_hash_connect governing the process.
