Forgot your password?
typodupeerror

Why IE Is So Fast ... Sometimes 934

Posted by timothy
from the nip-and-tuck dept.
safrit writes "Finally the scoop on how IE "cheats" a little to up its performance! Do RFCs mean nothing anymore? What's next, Riots in the streets, dogs and cats living together, mass hysteria! From the blog story: 'Internet Explorer on Windows always seems either to run impossibly fast (page requests are fulfilled almost before the mouse button has returned to its original unclicked position), or ridiculously slow...' Now read to see why..."
This discussion has been archived. No new comments can be posted.

Why IE Is So Fast ... Sometimes

Comments Filter:
  • slashdotted (Score:1, Insightful)

    by Pave Low (566880) on Sunday January 05, 2003 @05:45PM (#5021401) Journal
    Hey editors, maybe you should read this article [kuro5hin.org] next time you link to sites that aren't able to handle the slashdot effect.

    It would make things a little easier for them and us.

    Just tired of seeing stories that aren't reachable by the time i click them.

  • by Randolpho (628485) on Sunday January 05, 2003 @05:57PM (#5021474) Homepage Journal
    Let the flames commence, because I *do* think it's ingenious.

    Essentially Microsoft is rewriting TCP to make it UDP-like by sacrificing TCP's guaranteed delivery for a speed boost. Since HTTP is essentially stateless, this doesn't sound like an overly bad idea.

    I do have one question, however; how is it that Internet Explorer is able to rewrite TCP rules? Doesn't it use win32's TCP service? Or does it call a different, special TCP service?
  • Re:Cut n Paste (Score:5, Insightful)

    by AntiNorm (155641) on Sunday January 05, 2003 @06:04PM (#5021525)
    What RFC means to MSFT:

    "Rules For Competitors." Not for themselves.
  • Re:No, it's not. (Score:2, Insightful)

    by jhunsake (81920) on Sunday January 05, 2003 @06:07PM (#5021549) Journal
    "They are only kept in the RAM cache"

    Isn't a "RAM cache" a cache? Did the parent specifically mention disk cache?
  • by gilroy (155262) on Sunday January 05, 2003 @06:10PM (#5021562) Homepage Journal
    Blockquoth the poster:

    this doesn't sound like an overly bad idea.

    Hmmm. Deliberately breaking -- oh, I'm sorry, "rewriting" -- one of the core technologies of the Internet, without telling anyone and in such a way as to pad their speed numbers? Nah, nothing wrong about that...
  • Enough! (Score:2, Insightful)

    by IamTheRealMike (537420) <mike@plan99.net> on Sunday January 05, 2003 @06:16PM (#5021601) Homepage
    Stop with this! IE is fast because, to put it simply, Microsoft know how to write extremely fast code. That's it.

    IE is fast because Microsoft know Windows coding inside and out. When you run iexplore.exe, no, it's not loaded at startup, the executable just loads the relevant COM objects. The UI appears first, then their rendering engine (Trident) is loaded async which is why you see a flat white area when IE is loading for a second or two before it becomes a 3D cutout. Everything is load on demand. That's why it's fast.

    Office is fast because the Office coders aren't stupid. They don't pull any OS startup tricks or anything to make that happen. How do I know this? Because I once reinstalled Windows on top of Office - deleted the whole of the windows directory and reinstalled it. Word still started in under 3 seconds, although it gave one or two complaints about missing registry entries it started fine, and boy was it fast.

    Maybe IE still pulls this trick, maybe it doesn't, but at the end of the day IE feels fast because they've put a lot of work into optimization. You'll note that Mozilla is catching up now as they also get the optimizations in.

  • by Anonymous Coward on Sunday January 05, 2003 @06:16PM (#5021602)
    By not closing the connection, it severly hampers IIS's scalability - in other words, it's a helluva lot more susceptible to the /. effect. Any server must keep track of open connections, and any computer only has a finite space to do that in.

    Of course, when your target market is non-scalable toy computers, who cares if you software isn't scalable either.

  • Re:Who cares? (Score:1, Insightful)

    by Anonymous Coward on Sunday January 05, 2003 @06:16PM (#5021607)
    That's right, who cares if it violates standards to do so? I run Windows! All bow before me! Fuck the rest of you that don't run Windows!

    Who cares if thousands of gallons of oil gets dumped in the ocean? I drive an SUV! As long as the oil gets to me, who gives a fuck?

    I run stop signs--it gets me to work quicker! Who cares if I break the law--as long as I get there!

    Who cares if Enron ripped off their employees? As long as I get power, who gives a fuck?

  • Pure BS (Score:3, Insightful)

    by unterderbrucke (628741) <unterderbrucke@yahoo.com> on Sunday January 05, 2003 @06:18PM (#5021616)
    "One possible explanation is something that my team and I noticed a couple of years ago"

    They had IE 3 a "couple" of years ago. This article is based on faulty data from two or three years ago, which the author even admits.

    Maybe the editors should read the links in stories before posting the stories, it gives Slashdot a bad name to be posting articles like this.
  • Cute! (Score:3, Insightful)

    by overshoot (39700) on Sunday January 05, 2003 @06:19PM (#5021617)
    So, if I understand this correctly, IE and IIS skip right over that picky TCP synchronization and get right to transferring traffic packets. Which, IIRC, leaves them wide-open to quite a few interesting failure modes and cracks.

    Not that a few bugs and vulnerabilities more or less would make much difference, of course. Still, in case any doubt remains WRT Microsoft's attitude towards reliability and security ....

  • Re:Who cares? (Score:1, Insightful)

    by Anonymous Coward on Sunday January 05, 2003 @06:19PM (#5021619)
    You'll care when you can't load a large percentage of the sites on the Internet because each of them has gradually moved to following its own vendor's whims in the interest of gaining marketshare, instead of the standard that allows them to communicate with one another...
  • by pVoid (607584) on Sunday January 05, 2003 @06:25PM (#5021653)
    Yes, you are right. The whole point is that IE is painfully slow in certain scenarios where the server just drops the packet instead of sending a RST.

    I for one am having the exact same results as you are. And realistically, I don't think any of this crowd will heed your post. It's too unhumiliating for IE.

    On another note, I personally *am* plagued by this IE being super slow thing. And unlike some, I've looked into it logically: it happens 99.9% of the time if a javascript launches a new window, or if a link is Targeted.

    I'm personally inclinded to think it might have to do with DNS. But I don't know. And I don't go around accusing people.

    For christ' sake, even the poster says: my team and I noticed a couple of years ago

    Whatever.

    And the cherry on top of the whipping cream:

    I have to admire their arrogance and their confidence. But it'll be some time before I can bring myself to admire their technical integrity.

  • by evilviper (135110) on Sunday January 05, 2003 @06:33PM (#5021697) Journal
    Essentially Microsoft is rewriting TCP to make it UDP-like by sacrificing TCP's guaranteed delivery for a speed boost. Since HTTP is essentially stateless, this doesn't sound like an overly bad idea.

    Well, because IE leaves server-side connections open, it would make things much more difficult for the server-end, no matter if you run IIS or not. So, it can basically be considered a low-level DoS attack on all non-IIS servers.

    Wouldn't you be upset if IE pre-cached all the links in a page, just so users would have a bit of a speed boost? If they wanted IE/IIS to be faster when speaking with each other, why no have them communicate on a different port, instead of casuing problems, and slow-downs on non-IIS servers? Hey, they could use port 80, UDP... That would be faster, and since non-IIS servers won't be using UDP/80, it won't be incorrectly leaving connections open, sending invalid packets, slowing down communications with non-IIS servers, etc.

    It's not that they sped things up, it's that they did it in such a way that it causes minor problems for servers that don't use IIS. Sound a little like the Microsoft Java fiasco a little while back? Leveraging their desktop monopoly to sell IIS...

    So, this is a overly bad idea, and there are a thousand ways they could have done this better, while not causing problems for non-Microsoft products.
  • by Anonymous Coward on Sunday January 05, 2003 @06:35PM (#5021704)
    The HTTP spec allows keep-alive between the browser and the proxy. No extra magic needed there.
  • by The Jonas (623192) on Sunday January 05, 2003 @06:36PM (#5021707)
    Lynx is faster... :)
  • Re:slashdotted (Score:2, Insightful)

    by coupland (160334) <dchaseNO@SPAMhotmail.com> on Sunday January 05, 2003 @06:40PM (#5021741) Journal

    My worthless opinion:

    1. Slashdot is not a hosting site so they shouldn't offer to mirror.
    2. They have no way of knowing if a site can't handle the load.
    3. Waiting for a mirror to appear would make news show up incredibly slow.
    4. The community automatically mirrors or pastes content that has been /.-ed you just need to spend 2 seconds reading the comments.
    5. The guy with the Lego site is probably tickled pink that his site just got a billion hits and probably doesn't mind things crawling to a halt for a while. It's his 15 minutes of internet fame.

    FWIW...

  • by csnydermvpsoft (596111) on Sunday January 05, 2003 @06:42PM (#5021755) Homepage
    Even if the Mozilla team did come up with this idea, it would never be implemented. Why? Standards compliance. That's been their goal from the beginning - they would never break a standard, especially as fundamental as TCP/IP.

    This just goes to show the differences between Microsoft and many open source projects. Microsoft didn't care at all about the impacts of this decision - as long as it makes IE and IIS look faster, it's in. However, Mozilla/Apache/etc. aren't willing to sell out.
  • Re:slashdotted (Score:1, Insightful)

    by airyk (222789) on Sunday January 05, 2003 @07:07PM (#5021926)
    5. The guy with the Lego site is probably tickled pink that his site just got a billion hits and probably doesn't mind things crawling to a halt for a while. It's his 15 minutes of internet fame.

    yeah, but what about when that 15 minutes of Internet fames causes him or her to suddenly have a $400 bandwith bill?
  • Re:slashdotted (Score:2, Insightful)

    by Anonymous Coward on Sunday January 05, 2003 @07:08PM (#5021928)
    2. They have no way of knowing if a site can't handle the load.

    We have this remarkable thing called e-mail.

    3. Waiting for a mirror to appear would make news show up incredibly slow.

    Slow? Like Slashdot posting about the Lindows CEO days after it's been on CNN's front page? FAST!

    4. The community automatically mirrors or pastes content that has been /.-ed you just need to spend 2 seconds reading the comments.

    They essentially steal the decision of whether or not a site wants its content reproduced on Slashdot, in an ad-hoc attempt at 'mirroring.'

    5. The guy with the Lego site is probably tickled pink that his site just got a billion hits and probably doesn't mind things crawling to a halt for a while. It's his 15 minutes of internet fame.


    People pay for bandwidth. Some of them would like Slashdot to ask permission first. Remember Doug Bagely's Shootout, you pompous, self-centered, delusional prick?
  • by danheskett (178529) <danheskett AT gmail DOT com> on Sunday January 05, 2003 @07:16PM (#5021973)
    I think the big question in mind is:

    What are the bad side effects for non-MS users? If there are mostly none or none, then god-bless MS.

    Then the question becomes: "how did the RFC process fail, and why did the OSS community not come up with this first?"

    It seems like this is an attempt to improve performance. The side effect is that the RFC is broken. If breaking the RFC has no bad side effects, then its fine by my book.

    Though, I suspect in fact that this change has consequences.
  • by moncyb (456490) on Sunday January 05, 2003 @07:30PM (#5022047) Journal

    Read the article closly. A request from IE to a non-ms server will take longer than a request from a normal browser using compliant TCP to the same server. This not only gives IE a speed advantage with IIS, it makes non-ms servers appear slower than they actually are when you use IE! The only speed advantage is with IE and IIS. As I remember, this sounds like part of the antitrust case against microsoft.

  • Re:slashdotted (Score:4, Insightful)

    by chunkwhite86 (593696) on Sunday January 05, 2003 @08:00PM (#5022229)
    It is preposterous to expect slashdot to be responsible for linking to someone else's site. By putting content on the WWW, you are explicitly allowing others to visit your site.

    The site operators are the ones who are liable for their own content and their own bandwidth usage. If they don't want more than a certain number of people visiting their site, they should tweak their web server accordingly. Not everyone has bandwidth that is metered.

    just my 2 cents.
  • Re:Cut n Paste (Score:3, Insightful)

    by CableModemSniper (556285) <.moc.liamg. .ta. .odlapacnagol.> on Sunday January 05, 2003 @08:21PM (#5022323) Homepage Journal
    RFC = Read, Forget, Change?
  • by spectecjr (31235) on Sunday January 05, 2003 @08:49PM (#5022445) Homepage
    This is more than just a persistant connections. What IE is doing is sending the request for the page *before* any sending SYN or ACK packets that every TCP/IP application is supposed to send.

    I think you'll find that the request is sent with the connection request, and is perfectly legal TCP/IP.

    The thing is, BSD sockets doesn't let you easily do this.

    Most Unix apps do this:

    SOCKET s = socket(...);
    s.connect(...); .. note: the connect request does not return until it has been acknowledged.
    s.send(...);

    What IE is doing is this:
    SOCKET s = socket(...);
    WSAConnect(...); ... where the WSAConnect call has data it will send with the connect packet inside it.

    This is ALL perfectly valid TCP. Remember; the flags in the packet are what determine how to handle the incoming packets; the data is handled separately. You can quite happily send data with your connect request, as long as you're willing to accept that the request may well fail.

    Simon
  • by spectecjr (31235) on Sunday January 05, 2003 @08:54PM (#5022463) Homepage
    Atleast from IE's point of view. It sounds as though the way pipelining is done is by simply trying a request first and they are using some low level api to the network stack. So if the connection happens to be open they get a speed up, if not they get a slow down. Seeing as the connection is going to be open more than it is closed it's a general plus.

    No, they're just calling
    WSAConnect (MSDN Library documentation) [microsoft.com].

    But hey, who am I to get in the way of a good conspiracy theory with real data?

    Simon
  • by kelnos (564113) <`ude.llenroc' `ta' `32tjb'> on Sunday January 05, 2003 @09:09PM (#5022518) Homepage
    Last time I checked, most web servers could reject persistent connections.

    Speaks pretty poorly of the server (or network architecture) if your only recourse is to say "it's the client's fault!"
    this isn't the same deal. based on the TCP specs, here is what a server (or client, for that matter) is supposed to do when it wants to close the connection:
    1) send FIN
    2) wait for ACK
    3) wait for FIN
    4) send an ACK
    if the server never receives the FIN in step 3, it assumes that the client wants to keep the connection open for some reason. this is _correct behaviour_ with regards to the TCP spec. if this article is correct, MS is merely exploiting the TCP spec to its advantage. yes, it's dirty and wastes resources, but it works.

    the thing that bothers me tho, is this is what should be happening on the server end (a non-IIS server, that is):
    1) send FIN
    2) wait for ACK
    3) ok, got ACK, now wait for FIN
    4) (after timeout) hmm, no FIN, must have been lost, so we'll resend our FIN
    5) client ACKs that FIN, but doesn't send its FIN
    6) server thinks the response FIN is lost again, so probably resends its FIN

    now the server will have a max amount of retries before it gives up and finally drops the connection (which is what it was trying for in the first place anyway). this should be a relatively low number, and the timeouts between each retransmission shouldn't be that long either. so unless IE comes back and requests another page fairly quickly, the server _should_ go ahead and drop the connection, so i fail to see how this is a problem.

    the only thing i can think of is that the client keeps responding with an ACK to the server's FINs (despite not sending its own FIN), so maybe the server won't drop the connection for that reason (since the client is obviously still alive, just not responding as expected). i don't remember the TCP spec all that clearly with regards to connection teardown, so that may be where IE is able to keep the connection open.

    then again, i could be totally wrong here, but i don't think so...
  • by Ageless (10680) on Sunday January 05, 2003 @10:03PM (#5022761) Homepage
    Since when was there anyone else... that mattered? :)
    Majority rules baby. Live with it or do something to change it.
  • by gilroy (155262) on Sunday January 05, 2003 @10:15PM (#5022824) Homepage Journal
    Blockquoth the poster:

    It seems like this is an attempt to improve performance. The side effect is that the RFC is broken

    No. The RFC is the framework. The Internet is a system of systems that can be interlinked because they communicate according to a well-established, public, open framework. No company should be in the "business" in mucking with that. If Microsoft discovered a failing in the RFC -- which, by all appearances, they did not -- then there exists a well-established, well-understood path to fixing the framework.


    Here, Microsoft has decided, arrogantly IMHO, that their tiny bit of speed enhancement is worth making the TCP connection less reliable. At the very least this wastes bandwidth; it might also waste human resources as people try to track down a "glitch" in their system that simply isn't there. If Microsoft found that the RFC is "broken", why didn't they tell anyone? Why didn't they try to help "fix" it?


    No, this is the same penny-ante, half-assed crap that spawned Windows: Let's use all these undocumented tricks to make our software look better. Standards be damned. Interoperability be damned. Our customers be damned, and by God, the greater public be damned.


    For all their talk of information "ecosystems", Microsoft still conducts themselves like a classic slash-and-burn outfit.

  • Re:This is a hoax! (Score:3, Insightful)

    by archnerd (450052) <nonce+slashdot.o ... s ['ran' in gap]> on Sunday January 05, 2003 @10:19PM (#5022839) Homepage
    My results match yours, using Win98SE. However, it's been updated to use the latest version of IE. The blogger stated that these results are from a few years ago, so I'd do some more research before denouncing it as a hoax.
  • Re:Opera is Worse (Score:2, Insightful)

    by youBastrd (602151) on Monday January 06, 2003 @12:13AM (#5023284) Homepage
    Having switched over to Opera for research, work and school, I've noticed Opera is fast to *use*. That is, tabbed browsing, mouse gestures, and a well thought-out interface makes Opera more efficient to use. The raw TCP performance is not the bottleneck, the user is.
  • by jabley (100482) on Monday January 06, 2003 @01:17AM (#5023538) Homepage

    Not a standard. RFC 1644 [rfc-editor.org] is classed experimental; it's not a standards-track protocol. See The Internet Standards Process (RFC 2026) [ietf.org]. The claim in the story leader that Microsoft were somehow ignoring RFCs looks, uh, foolish though, which is the point you were making.

  • This is NOT T/TCP (Score:5, Insightful)

    by sdxxx (471771) on Monday January 06, 2003 @02:59AM (#5023891)
    As described by the article, it actually doesn't sound like IE is using T/TCP. With T/TCP, new connections still require SYN packets. It's just that the SYN packet can also contain data, because a monotonically increasing connection counter guarantees that the server is not just seeing some old duplicate SYN packet.

    The article is admitedly not very clear about what is going on. However, it seems to imply that the server resurrects a given TCP connection, and sends data with later sequence numbers than the FIN. That doesn't sound right.

    It's also quite possible that the article is wrong or mischaracterizes the observed behavior. In particular, if IE really worked as described, you'd think people would have run into problems with certain stateful firewalls and NAT boxes.

    I wish the article would elaborate a bit more on what goes on in step "1. Request".
  • by zjbs14 (549864) on Monday January 06, 2003 @03:11AM (#5023922) Homepage
    700+ comments, 95% of which are:
    - MS sucks for breaking RFC's
    - Apache should do something about it
    - Users of IE are clueless morons.

    All of this because some blogger can't read a packet trace correctly. Everyone in the thread who's actually TRIED it (the other 5%) hasn't seen this behavior.

    There's no way anything's going to work if IE doesn't send a SYN. Nothing, Nada, Zip. It just won't happen. Firewalls, NAT, transparent proxies would kill it. IIS isn't going to care, the TCP/IP stack won't even let it get there. Same goes for Apache. Get THE book [amazon.com] on TCP/IP and find out why.

    I think this thread is a prime example of what Slashdot has become. Never mind news for nerds (definition not limited to the Linux crowd) and stuff that matters. We'll post anything as long as it's anti-MS.
  • Re:Cut n Paste (Score:3, Insightful)

    by Markus Landgren (50350) on Monday January 06, 2003 @03:34AM (#5023970) Homepage
    How about this one?

    1. Sell anthrax and other biological weapons [osd.mil] to Saddam Hussein.
    2. Wait a few years.
    3. "Discover" that Iraq owns weapons of mass destruction, and start a war against them.
    4. Replace their nasty military dictator with a friendly military dictator.
    5. Steal their oil.
    6. Profit!

    No, wait...
    There is no "?" in that one.
  • by rsilvergun (571051) on Monday January 06, 2003 @04:53AM (#5024115)
    ...because if you're IIS server is maxing out on connections, chances are you'll have to add another one; and another IIS licensce at several hundred a pop :).
  • by JoeSmack (540377) on Monday January 06, 2003 @06:31AM (#5024268)
    700+ comments, 95% of which are:
    - MS sucks for breaking RFC's
    - Apache should do something about it
    - Users of IE are clueless morons.

    All of this because some blogger can't read a packet trace correctly. Everyone in the thread who's actually TRIED it (the other 5%) hasn't seen this behavior.

    Damn, right!

    Don't forget the people who keep posting, "isn't this T/TCP? No, I don't have any idea how standards work." Or the, "Everyone here is a moron because this is just pipelining/keep-alive. Uh. I have no clue what you mean when you say, 'HTTP is written on top of TCP/IP and shouldn't affect TCP handshaking.'"

    I agree, this is getting absolutely ridiculous. Please everyone get off your anti-MS high horses, take the opportunity to read the article, analyze it, and do some research ESPECIALLY if the article is about standard networking protocols and you do not know what a protocol stack is. The fun part is supposed to be learning about stuff, not spewing mindless drivel, only to have other people keep repost it. And please, read the other posts. I swear the state of slashdot of late is starting to making me lose faith in nerds.
  • by FooBarWidget (556006) on Monday January 06, 2003 @08:13AM (#5024410)
    I don't know where you get those "95% of which are blabla" from, but I see 800+ comments:
    - 70% "the article is fake!" or "I tested it but IE use standard TCP requests. fuck you anti-Microsoft Linux zealots!"
    - 10% "MS sucks"
    - 10% junk/flamebait/trolls/crapfloods

    Sorry, but your claims are completely false. Slashdot is everything but anti-MS. Why do you think your post is modded as +5 Insightful?
    That Slashdot is an anti-MS site is simply false. People have been saying how Slashdot is anti-MS for centuries but every time I browse through the comments, there are always lots and lots of pro-MS comments, a lot of them are even modded +3/+4/+5.

fortune: not found

Working...