One would think that in 30 years there will be some sort of best practises established. Some articles to refer people to. Or at least some people to share their experience and answer practical questions.
And yet there is still only "you doing it wrong, and I won't tell you how to do it right"
> If you're processing financial transactions you want your isolation level to be serialisable. As the order in which the transactions are processed matters.
So you don't know what serializable level is.
> Even with 1ms latency. Amdahl's law will still make you cap out at a theoretical 1000 TPS if you have 100% row lock contention.
> read-modify-write is the canonical transactional workload. That applies to explicit transactions (anything that does an UPDATE or SELECT followed by a write in a transaction), but also things that do implicit transactions (like the example above)
Your "implicit transaction" would not be consistent even if there was no replication involved at all. Explicit db transactions exist for a reason - use them.
> you can absolutely NAT without preventing the "outside" subnets from being allowed to route to the "inside" subnet
Under very specific conditions. Technically if you send packet with destination 192.168.1.10 directly to wan port of router - yes it can route it inside. The problem - how to deliver this packet over internet. You need to be connected to exactly same network segment to pull it off.
And you don't need statefull firewall to deny this kind of packets.
My have certain shortcomings: it doesn't assign dns names to hosts and doesn't configure firewall rules