Network performance regressions from TCP SACK vulnerability fixes
databricks.comThe article includes no details on what kernel patch they applied, what kernel version is in their AMI, or if they even have SACK enabled.
Guess you're on your own, Team Databricks!
We posted more details just now. Will share more next week too.
More coming next week. We believe we got to the bottom of this last night.
If true, this is unfortunate for anyone who was forced to apply their workaround in their systems, due to them being flagged by some "compliance" tool, even though they are not even accessible externally.
Regressions should be expected, because the unpatched code would have less checks to ensure correct operation.