blog @spotflux
These are the thoughts and opinions written by the spotflux team and our colleagues.
Show MenuHide Menu

What Makes the Web Slow and How Spotflux Makes it Faster

September 25, 2013

“Time is Money”, something that everyone’s heard at some point in their life. When it comes to internet, the difference of a few milliseconds can make or break many modern businesses. As an example, let’s take a look at the world of digital advertising and the effect it has on the implementation of  Real Time Bidding (RTB). To summarize a RTB transaction at a very high level –  ad buyers are given a particular web request in “real-time” and must decide if they will bid on that request and how much they will pay. This decision typically must happen in less than 100 milliseconds or the ad offer will be lost. Within those 100 milliseconds dozens of analytics and decisions need to happen in order to make a profitable ad purchase. For instance, the age, gender, geography, affinity, and other factors of the ad consumer may be considered – all within 100 milliseconds.

What does all this obsession have to do with you, the “end user” of the internet? Simple – you’re patience is what drives your engagement with a particular service or web site, and your engagement with that service directly affects the bottom line. When things go too slow you tend not to put up with them much longer and whoever was hoping to keep you as a customer has just lost. In our ad example, if the ad does not load fast enough for you to notice it or it isn’t relevant to you, the opportunity for the ad buyer has been lost.

Here at spotflux we have the daunting task of delivering a secured connection to the internet without disrupting the speed of all those wonderful web sites and services you’re accustomed to use. Over 20 petabytes of information flow through our free vpn services every month which has given us an unprecedented ability to analyze what’s broken on the internet. At a first glance it may seem that simple physics are against us, but when you start to deconstruct the problems one by one you realize that where some things play against you (additional hops, encryption, etc) other things are ripe for improvement. When it’s all said and done, we’re able to do full network encryption with deep packet inspection at line rate speeds to deliver the safest and fastest vpn on the planet.

Deconstructing the Problem

In today’s blog post we’re going to deconstruct three of the major issues on the web that make things slow and how we combat these issues to gain back speed for our users. Our end-goal is to cancel out the added latency from things we’ can’t control with the things that we can improve:

network latency – When you and a web server exchange some data you would expect that data to travel at a speed similar to what your provider has quoted you. To make things simple, let’s assume you wanted to transfer 100 megabytes between your apartment in New York and your school’s very high speed web server in California. Your ISP has given you a 10 megabit connection to the internet (1.25 megabytes/sec), so if all goes as planned your file should arrive in just 80 seconds. But it didn’t.

Here’s what most likely happened – because the speed of light can only travel so fast between New York and California we’ve incurred network latency .  In this particular example our latency was 84 milliseconds.  Assuming you have a standard Windows workstation PC with a TCP Window size of 64kilobytes (524288bits) and that for this example we’re excluding window scaling, the maximum theoretical throughput you would have been able to incur on your 10 megabit link is actually around 640kilobits/second (524288/0.84) causing that file transfer to take about 20 hours. Thankfully RFC 1323 brought about Window-Scaling which allows us to size up that TCP Window size and dramatically improve the speeds over that 10 megabit link but hopefully our example demonstrates the importance of low-latency connections on the web.

As we highlighted in our example above, the distance between to points on the internet has an immediate impact on latency and therefor your ability to have a low latency connection to spotflux  requires that a node exists within your geographic proximity. Our worldwide network of nodes have been strategically placed near major metropolitan areas and inside datacenters which have tremendous carrier diversity and peering opportunities. On the client side, when any device connects to spotflux, a series of pre-flight operations help determine the most optimal endpoint for you to connect to. We use a global any-cast based DNS infrastructure to determine the lowest latency endpoint for you to connect to and then pre-check that node for capacity and connectivity.

poorly designed protocols – The web has come a long way and there have been tremendous advances in some core technologies that drive the web, most notably web browsers. The web’s dirty little secret however is that many of the underlying protocols are inefficient for “today’s internet”. As an example, HTTP is actually a fairly inefficient way to transfer web sites to your computer. When you visit a website, that site is composed of many different objects (images, videos, javascript files, css files, html files, etc) that come together to render the page you’re viewing. For instance, pointing my web browser to caused my browser to fetch over 250 different objects so the page could be displayed properly. With the current state of HTTP, each one of those requests are handled independently from each other and some of those requests may even go to other servers (think ad networks). Your browser now has to wait for all 250 requests to finish before the final page can be properly rendered. Each one of those 250 requests also added a whole lot of “padding” to your network connection as each request needed its own set of headers. In our current visit to we produced 5.2 megabytes of data transfer . If we were to look at this a different way: simply taking a screenshot of and sending the single image would have only consumed roughly 1/2 a megabyte of data transfer yet the same “information” would be visible to the end user. Of course that screenshot is not an interactive web site but one can quickly begin to theorize about the possible improvements. While this is just one example, there are countless examples of inefficiencies plaguing so many of the major protocols that drive the internet today.

 In our example above we highlighted how HTTP can cause unnecessary overhead. For spotflux mobile users we re-process all HTTP streams to accelerate their delivery between our nodes and your device. During this process images are refactored and rescaled, whitespace reduction and compressions are used, and common object caching is leveraged to reduce the number of calls needed to the source address. For our premium users we also strip out all requests to Ad networks and replace the ads with whitespace. Removing a single ad from a webpage can increase page-load times by 300+ milliseconds, and when you’re doing it billions of times a month, those milliseconds really start to add up!

processing power – Ever wonder why some websites are “secured” with HTTPS and most of the web is not? It comes down to processing power. The second heavy mathematical computations are added to the mix, as with the encryption required for HTTPS, both the client and the server see a spike in CPU usage. Suddenly the costs of operating your web services skyrocket and those “cloud hosting providers” your web service relies on are grinning all the way to the bank. The efficient use of modern day CPUs is often times a major hurdle for core infrastructure software packages that web services depend on and often times simply throwing more hardware at a problem just doesn’t work. With the rapid adoption of cloud services by many web companies, the ability to purchase and tune hardware to computational needs is often lost and causes services to be unnecessarily slow.  At Spotflux we not only encrypt your entire internet connection but we also conduct millions of real-time computations per second to determine if the network traffic leaving your device is compromised by malware or trackers – those type of operations require big processing power.