Blog Post

Cracking the performance code of the Great Firewall of China

Tapping into the booming online China market can be a windfall for any company. Establishing a web presence in China, however, is a unique challenge due to the technical obstructions imposed by the Great Firewall system that blocks certain content flowing into the country. In a recent benchmark study of international brands doing business in China, the performance-limiting byproduct of the firewall became clear as we uncovered a wide disparity in the speed and uptime of these websites.

Why did one luxury brand achieve a fast 3.5-second average webpage response time with 100 percent availability, while another took over 40 seconds to load on average with only 91 percent availability? The slow-loading or low-availability sites could result in a significant revenue loss, as end users either give up or go to a competitor. Either way, that opportunity is gone for the original site.

The factors we uncovered, through tests conducted via 26 backbone monitoring locations in mainland China, had little to do with geographic proximity. While many companies put servers close to mainland China, in South Korea or Hong Kong, we found that any server, however nearby, that remains outside mainland China’s firewall is subject to the roadblocks and speed bumps the firewall creates. And that often results in poor performance.

When in China …

Lesson one is clear: If you want to do business in China, you must place your infrastructure inside mainland China. That will put you within the boundary of the firewall’s technical filtering. This chart showing the aggregate performance of .COM domains as opposed to .CN domains. As you can see, the .CN group of sites, all hosted in mainland China, perform roughly twice as fast as the .COMs.

Catchpoint Systems charts

We also discovered slowdowns when in-China businesses utilized CDNs or DNS servers outside the firewall. So for optimal performance, we suggest extending the in-China server mandate to all IT infrastructure.

The next roadblock gets tricky: even when a company puts all its infrastructure inside the firewall, it will still experience performance problems if its sites use third-party elements not hosted inside of the firewall. For example, U.S.-based third-party services, like those provided by [company]Google[/company] or [company]Facebook[/company], can cause a site that would otherwise load cleanly to hang or be completely unavailable.

This includes the jQuery Javascript library hosted by Google, which runs into functionality problems since most Google-owned services get blocked in China. So always try to strip your site of these services, or make certain more critical site elements load around them without hanging. Similarly, if you’re utilizing log-in services by those companies, be sure to strip them completely from your China site, as Chinese users won’t be able to use them.

Strip down to the essentials

Another general rule is to keep sites slimmed down as much as possible due to the bandwidth limitations of China’s web infrastructure, which is still being built and is not as fast or stable as ours in the U.S. Sites that performed poorly in our monitoring were often several times heavier than those that yielded the best results. So compress assets like Javascript and CSS files, and minimize any redirects.

Finally, ongoing monitoring becomes even more essential, as we’ve discovered that the specifications of the firewall are constantly changing. What was being limited or filtered last month may change next month.

There’s no doubt that the complexity and difficulty of successfully hosting a customer-facing website in China can be a headache. But those companies that can successfully do it will gain a significant advantage over competitors, and ultimately grab more market share in a country that is, in many ways, still an untapped market.

Mehdi Daoudi is CEO and co-founder of Catchpoint Systems, a provider of web and infrastructure monitoring solutions.

2 Responses to “Cracking the performance code of the Great Firewall of China”

  1. The real killer seems to be when traffic has to traverse the border. If you can be entirely hosted within China then you only have to deal with local issues like available bandwidth for your end users.

    As soon as you go over the border to external networks, that’s where the latency kicks in. In my own tests I’ve seen huge levels of packet loss and very high latency. What’s the cause of this? Poor peering? Perhaps. The firewall? More likely. Hard to say for sure though.