I saw someone say that the new Twitter update was causing it to essentially DDoS itself. Is this true? I have a very basic understanding of what DDoS is but I don’t understand how the two are connected. Thanks in advance.
In: 64
Twitter has a front-end and a back-end. The front-end is what you see when you go to twitter.com, all the UI and text and so on. However, it has no tweets or data by itself, it just knows how to display them nicely and how to ask the back-end for the tweets.
The back-end has all the tweets in a database, and has certain specific ways to ask it for information. It’s expecting the front-end to send a nicely formatted request asking for so-and-so tweets for so-and-so users, which it then returns. Once the front-end gets the returned request with the tweets, it displays them.
Normally, the front-end asks for a tweet, and then the back-end gives it a tweet. However, with the new changes, the front-end asks for tweets, and the back-end says no. The front-end doesn’t know how to handle this, so it just asks again. And again.
Each time the back-end says no, but the front-end is now calling a dozen times a second per user instead of once every few seconds. This swamps the back-end with meaningless requests, and now it can’t handle requests fast enough. They pile up, and now users who should have access can’t get their requests answered over all the noise.
The defacto solution to this is something called exponential backoff. Whenever the back-end returns a failing request, it returns a code that says what the failure was. The front-end reads that code, knows it failed, and waits for a little bit before trying again.
Each time it fails, it multiplies the time it waits by two. So it’ll try again after a second, then two, then four, and so on. That way, the server is never flooded with requests. Usually, after a few failures, it’ll give up and ask the user to refresh the page. Reloading the page might help solve the error, but if it doesn’t, no harm.
Twitters failure is that they didn’t envision a scenario where the server would be throwing an error when the front-end asked for tweets in a specific way. The front page is coded to ask for tweets when it runs out of tweets. But when it makes the request, it gets no tweets. It’s out of tweets. It make a request to get more tweets. It gets no tweets. On and on.
Their more fundamental failure is how this wasn’t caught in testing. Usually, you push changes to a testing environment that mirrors production. If someone has done this and fiddled around a bit, this issue would have come up and been fixed. The fact it wasn’t is really telling of the state of twitter.
Latest Answers