The Backend Engineering Show with Hussein Nasser

Fundamentals of Operating Systems Course https://oscourse.winktls is brilliant.TLS encryption/decryption often happens in userland. While TCP lives in the kernel. With ktls, userland can hand the keys to the kernel and the kernel does crypto. When calling write, the kernel encrypts the packet and send it to the NIC.When calling read, the kernel decrypts the packet and handed it to the userspace. This mode still taxes the host’s CPU of course, so there is another mode where the kernel offloads the crypto to the NIC device! Host CPU becomes free. Incoming packets to the NIC are decrypted in device before they are DMAed to the kernel. outgoing packets are encrypted before they leave the NIC to the network.ktls still need handshake to happen in userspace. There is also enabling zerocopy in some cases (now that kernel has context) Deserves a video. So much good stuff.0:00 Intro2:00 Userspace SSL Libraries 3:00 ktls 6:00 Kernel Encrypts/Decrypts (TLS_SW)8:20 NIC offload mode (TLS_HW)10:15 NIC does it all (TLS_HW_RECORD)12:00 Write TX Example13:50 Read RX Example17:00 Zero copy (sendfile)https://docs.kernel.org/networking/tls-offload.html

If you are bored of contemporary topics of AI and need a breather, I invite you to join me to explore a mundane, fundamental and earthy topic. The CPU. A reading of my substack article https://hnasr.substack.com/p/the-beauty-of-the-cpu

This new PostgreSQL 17 feature is game changer. They know can combine IOs when performing sequential scan. Grab my database course https://courses.husseinnasser.com

No technical video today, just talking about the idea of discipline and consistency.

Fundamentals of Operating Systems Course [https://oscourse.win] This video is an overview of how the operating system kernel does socket management and the different data structures it utilizes to achieve that. timestamps 0:00 Intro 1:38 Socket vs Connections 7:50 SYN and Accept Queue 18:56 Socket Sharding 23:14 Receive and Send buffers 27:00 Summary