zlacker

[parent] [thread] 2 comments
1. reddit+(OP)[view] [source] 2023-07-02 00:10:24
Depends on the scale of the overall system. I have personally seen and attempted to mitigate degenerate cases where these retries overwhelmed the backend so much that the servers were falling behind in simply rejecting the requests.

Infact it got so bad because of all those retries at multiple levels from upstream callers that requests were essentially timing out at the TCP buffer/queue before they could be processed by the application.

Don’t know if the Twitter homepage backend is at similar scale.

replies(1): >>aeyes+rk
2. aeyes+rk[view] [source] 2023-07-02 03:36:28
>>reddit+(OP)
It is unlikely that a system with the scale of Twitter implements the API rate limiter in the backend. Usually you'd do this as early as possible together with other WAF stuff.

If IPs or IP ranges get really annoying we block them on the network level.

Big public sites like Twitter obviously need to have this technology. Due to their political content they probably also need sophisticated DDoS protection.

replies(1): >>gmerc+Hl
◧◩
3. gmerc+Hl[view] [source] [discussion] 2023-07-02 03:54:46
>>aeyes+rk
Sometimes people are cheap and don’t pay their cloudflare bill or their engineers.
[go to top]