PATTERN Cited by 1 source
Unix socket local bypass¶
Unix socket local bypass is a pattern where co-located services replace network socket communication (TCP/IP) with Unix domain sockets for same-machine IPC. This eliminates the network stack overhead (DNS lookups, routing, TCP handshake, congestion control) while preserving the socket API contract.
Motivation¶
When two services run on the same machine, TCP/IP communication traverses the full network stack unnecessarily. Replacing this with Unix domain sockets:
- Eliminates DNS resolution and routing decisions.
- Removes TCP congestion control overhead (irrelevant for local communication).
- Reduces latency by bypassing network-layer processing.
- Allows independent deployment of the connected services (decoupling from intermediary release cycles).
Trade-offs¶
| Benefit | Risk |
|---|---|
| Lower latency, no network overhead | Different backpressure timing can surface latent bugs |
| Independent release cycles | Tighter coupling to same-machine deployment topology |
| Simpler security model (filesystem permissions) | Cannot span machines without re-architecture |
Cloudflare's Experience¶
Cloudflare's Images team replaced FL (an internal intermediary using network sockets) with a Unix-socket connection between the Workers runtime and the Images service. While this made the path faster and gave the team deployment independence, the slightly different reader pacing introduced by the new intermediary was sufficient to fill the socket buffer under load — exposing a race condition in systems/hyper that had been latent for years (Source: sources/2026-06-22-cloudflare-how-we-found-a-bug-in-the-hyper-http-library).
Lesson: Changing the transport layer can alter backpressure characteristics enough to surface bugs in libraries that assume fast readers.
Seen In¶
- sources/2026-06-22-cloudflare-how-we-found-a-bug-in-the-hyper-http-library — Unix socket migration exposed latent hyper race condition