IETF Logo Mail Archive

Re: http/2 prioritization/fairness bug with proxies

William Chan (陈智昌) <willchan@chromium.org> Wed, 13 February 2013 22:26 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FE4221E803D for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 13 Feb 2013 14:26:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.307
X-Spam-Level:
X-Spam-Status: No, score=-9.307 tagged_above=-999 required=5 tests=[AWL=0.369, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OQjMNbWpaNZA for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 13 Feb 2013 14:26:44 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id A6B5811E809C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 13 Feb 2013 14:26:44 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1U5klW-0003sL-0D for ietf-http-wg-dist@listhub.w3.org; Wed, 13 Feb 2013 22:25:22 +0000
Resent-Date: Wed, 13 Feb 2013 22:25:22 +0000
Resent-Message-Id: <E1U5klW-0003sL-0D@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <willchan@google.com>) id 1U5klD-0002xI-7i for ietf-http-wg@listhub.w3.org; Wed, 13 Feb 2013 22:25:03 +0000
Received: from mail-qa0-f47.google.com ([209.85.216.47]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <willchan@google.com>) id 1U5klA-0007es-3F for ietf-http-wg@w3.org; Wed, 13 Feb 2013 22:25:03 +0000
Received: by mail-qa0-f47.google.com with SMTP id j8so2372775qah.13 for <ietf-http-wg@w3.org>; Wed, 13 Feb 2013 14:24:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=8ff1syWtCSlvR2crUVLW6HXEDd5poU+xjeJqaf2O57E=; b=FW7n6ifuCx20NvM9+kmi0BY96jjATtla+enTPLBbmq7CXPPJlAcK5XnKM6/tzpE5cc umxLIlIt1WP8e5MoEoOGFhUmPUDw6AmuGsCGt8rsV/KtWdODKOLBGBSEFreQZgtPB3hj BY1oMI55WIGmRRS9QWX+CF7bCkEHf5eEvTdGIxmDT5ovuJE8m6Wr3gpW+sv9RTuc+KMr uc0hTMvs9VTmdhUACJyA1SxKiwI1bKLNu6l8b3OPm4O/+bGIEt1J/EWl0iaBSI2QOU6e Qq1beuUlwJplBI6CnKP90SDOE5faeIfAq98TeNb6aa5s6glkh//Dqcu8VXPhQgGvdvq8 seJA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:x-received:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=8ff1syWtCSlvR2crUVLW6HXEDd5poU+xjeJqaf2O57E=; b=FWcDPUQE/mGxDBbRc040utEBFywnrymsL+yjgWkZBEE4lFnOj0MNXY/KLn64SAOrSr GI/fjmO2K75dX6uADbTBIdHuXT5FbJirxRdpbHwvmygAGGZVSfCgSc5YXEx1gTzKZ9sR HLovjrePTSVycAO3/FedrBsjGBhDX/RLi5c98=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :x-gm-message-state; bh=8ff1syWtCSlvR2crUVLW6HXEDd5poU+xjeJqaf2O57E=; b=HKX29Ompj+Blx7xdbk48bDJU+D28lj/VzgcRJIMfqminRMPznCV7AfYCT3ua2Cpc9h SSc0Ut60jf1joiwj5XCys17dKTfM1glkSrct0/lY7J8DGkxrbz3fAe2DBdx3i9EUaCvC 5Q0DTS4kWdEzJfb9dS/7n0LimgdBcZwfB3HjyLniI1XWdRgWWZkcACKKJumDI09d8CkB +12ApqsNG/xa4lxgOKDce+c+kaEFiRluJSHaP3QcEFb9+/6Re3ADgwSxEjRVYcsSvHOC RJJktNYL/oPeJjqwWPPUCQZ5qZAm8TFU08mCuKcCu0KiJU/BxG7A8MFMlZbzyC3moBm1 ABig==
MIME-Version: 1.0
X-Received: by 10.49.130.167 with SMTP id of7mr10585531qeb.22.1360794274173; Wed, 13 Feb 2013 14:24:34 -0800 (PST)
Sender: willchan@google.com
Received: by 10.229.57.163 with HTTP; Wed, 13 Feb 2013 14:24:33 -0800 (PST)
In-Reply-To: <CAK3OfOismYttmF5b5k+Qews-NLe+F5QfKNY5tXXmkv4R4EMr7w@mail.gmail.com>
References: <CAA4WUYjiBZpShKKFfHQnixc94aOLrck0oR4ykARB=hF5h8nkfA@mail.gmail.com> <3430.1359961022@critter.freebsd.dk> <510F72CE.8030003@treenet.co.nz> <CAA4WUYiBJrLjM0-vurFOuJfUaabXtK=W8N5z28yshSfrvD9crg@mail.gmail.com> <1516.1360002578@critter.freebsd.dk> <42A54D15-0AA3-4172-94F7-E94C86E84D7F@niven-jenkins.co.uk> <2346.1360010079@critter.freebsd.dk> <CAA4WUYiyu+JvFuKooqa4xVdCJP=Mngu9dgHjhH99_SEac1kCZQ@mail.gmail.com> <CABaLYCtX04se2BJ0c1yCYkwH2xvkcETdu7Pe+B8fy=DJrouo6Q@mail.gmail.com> <CAA4WUYitNR0js+5m5RHfLp-7=k-mfTUKDcayW-uzJwTgOgMyYQ@mail.gmail.com> <CABkgnnUYKDe4rZ0ZpqASkwDF2Foa_ni1rEFJH1P03k1Bv_NCog@mail.gmail.com> <CAA4WUYg+evqEMdiYSv+EZ7668eCq_dwqKiYmA4Lq-xZkoD_9Fw@mail.gmail.com> <CAK3OfOi7So1KWXdfv+UEqKAr-o1TaXiZmSmJx61WFR3J0zW_JA@mail.gmail.com> <4613980CFC78314ABFD7F85CC3027721119A440A@IL-EX10.ad.checkpoint.com> <CAK3OfOiLVfq7y4SJmoP-JyvgQc5uB8sDTrkDySMZfWqAdYf0yg@mail.gmail.com> <CAP+FsNchpZRLEfHVptV=tsLFHRP_N62QCbAcacvxoCoVhUxqkQ@mail.gmail.com> <CAK3OfOi_L+97AyoTWaNwqznnkyFR4SAHug2twKaMUPH1jbbtBQ@mail.gmail.com> <CAP+FsNegVDNfvzUMwyi-CqURcK_hWG26CFP-Fc=kjPsZL6LLiQ@mail.gmail.com> <CAK3OfOismYttmF5b5k+Qews-NLe+F5QfKNY5tXXmkv4R4EMr7w@mail.gmail.com>
Date: Wed, 13 Feb 2013 14:24:33 -0800
X-Google-Sender-Auth: i87O7PM5bA2AGyKcgcl6csOVvwQ
Message-ID: <CAA4WUYhQTjD9X9QfDG-vNMbuiLCx=W0MrjwSYbbOkS6-HQjXFg@mail.gmail.com>
From: "William Chan (陈智昌)" <willchan@chromium.org>
To: Nico Williams <nico@cryptonector.com>
Cc: Roberto Peon <grmocg@gmail.com>, Yoav Nir <ynir@checkpoint.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="047d7bdc1a8653153204d5a29bad"
X-Gm-Message-State: ALoCoQnV/KbNvKfL8cRZib5WkcBbGDnVnKLd5WlWnbinEFREC//ehpN0t/aZzYR/dN8X2lhe5kEFJyfoEm9G7jjycwiuz0Y+irfK0oPvLy0L3HE6+i6SuAkJWOUt3pxRv5DzzmDc/nYOqtzCQYpWmVnFSAllgw7XOctiiX0y7w2qIhx75TL8nMSwyfm+eQRK6N6SMIRNnlV+
Received-SPF: pass client-ip=209.85.216.47; envelope-from=willchan@google.com; helo=mail-qa0-f47.google.com
X-W3C-Hub-Spam-Status: No, score=-4.4
X-W3C-Hub-Spam-Report: AWL=-1.703, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1U5klA-0007es-3F 458cdeb7a28b0eb574e2c4fc07fa69dc
X-Original-To: ietf-http-wg@w3.org
Subject: Re: http/2 prioritization/fairness bug with proxies
Archived-At: <http://www.w3.org/mid/CAA4WUYhQTjD9X9QfDG-vNMbuiLCx=W0MrjwSYbbOkS6-HQjXFg@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/16600
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

There are a lot of emails here, and I haven't read them all. But this
discussion of browsers and multiple connections and bulk data transfers
worries me. Please remember what the browser vendors are telling you: we
want prioritization amongst HTTP requests involved in browsing, all of
which count as "interactive" and "non-bulk". Please see:
http://lists.w3.org/Archives/Public/ietf-http-wg/2013JanMar/0568.html
http://lists.w3.org/Archives/Public/ietf-http-wg/2013JanMar/0573.html

I don't understand how per-priority TCP connections will solve this.


On Wed, Feb 13, 2013 at 1:48 PM, Nico Williams <nico@cryptonector.com>wrote:

> On Wed, Feb 13, 2013 at 3:23 PM, Roberto Peon <grmocg@gmail.com> wrote:
> > On Wed, Feb 13, 2013 at 12:57 PM, Nico Williams <nico@cryptonector.com>
> > wrote:
> > Even if the network does the right thing and the bytes have arrived,
> TCP's
> > API still only lets you access the packets in-order.
>
> Are we brave enough to try SCTP instead of TCP for HTTP/2.0?
>
> I didn't think so.
>
> :) (that should be a sad smiley, actually)
>
> >> There's two ways to address these issues: either don't it (it ==
> >> multiplex diff QoS traffic over the same TCP conn.) or try hard never
> >> to write more than one BDP's worth of bulk without considering higher
> >> priority traffic.
> >
> > QoS for packets on multiple connections also doesn't work- each entity
> > owning a connection sends at what it believes is its max rate, induces
> > packet loss, gets throttled appropriately, and then takes too make RTTs
> to
> > recover. You end up not fully utilizing the channel(s).
>
> No, no, all bulk traffic should be sent over one connection at max
> rate.  Multiple bulk flows can be multiplexed safely over one TCP
> connection, therefore they should be.
>
> High priority traffic _generally_ means "non-bulk", therefore "max
> rate" for non-bulk is generally much, much less than for bulk and,
> therefore, non-bulk traffic can be multiplexed safely over a single
> TCP connection, being careful to move to a bulk connection when a
> non-bulk flow changes nature.
>
> The sender will know what whether a message is a bulk message or not.
>
> One complication here is that many requests will be non-bulk but their
> responses will be.  I.e., you might want to write the responses to
> requests on a different connection from the request!  And now you need
> an XID or some such, but you probably want one anyways so that
> responses can be interleaved.
>
> (For example by analogy, if we were talking about doing this as an
> SSHv2 extension we might migrate a pty stdout channel to a bulk
> connection when the user does a cat(1) of a huge file.  This is much
> harder in SSHv2 because we have logical octet streams for interactive,
> high-priority data, but we don't have such a thing in HTTP, so this is
> not a concern at all.  This is just an analogy to illustrate the
> point.)
>
> > The hard part is "considering higher priority traffic" when that traffic
> is
> > being send from a different machine, as would occur in the multiple
> > connection case.
>
> Are you talking about proxies aggregating traffic from multiple
> clients into one [set of] TCP connection[s] to a given server?  Sure,
> but all the proxy needs is to know whether a given request (or
> response) is bulk or not.
>
> > With a single connection, this is easy to coordinate. Agreed that
> estimating
> > BDP isn't trivial (however it is something that TCP effectively has to
> do).
>
> A single connection is a bad idea.  We already use multiple
> connections today in _browsers_.  Of course, for non-browser apps
> multiple connections may be quite a change, but that should be a)
> optional, b) acceptable anyways.
>
> >> > which we'd otherwise be able to do without. Unfortunately, per
> priority
> >> > TCP
> >> > connections don't work well for large loadbalancers where each of
> these
> >> > connections will likely be terminating at a different place. This
> would
> >> > create a difficult synchronization problem server side, full of races
> >> > and
> >> > complexity, and likely quite a bit worse in complexity than getting
> flow
> >> > control working well.
> >>
> >> I think you're saying that because of proxies it's difficult to ensure
> >> per-priority TCP connections, but this is HTTP/2.0 we're talking
> >> about.  We have the power to dictate that HTTP/2.0 proxies replicate
> >> the client's per-priority TCP connection scheme.
> >
> > No, I'm saying that it is somewhere between difficult and impossible to
> > ensure that separate connections from a client end up on one machine in
> the
> > modern loadbalancer world.
>
> I don't think it should be difficult, much less impossible, for
> HTTP/_2.0_.  What you need for this is to identify flows so their
> requests/responses can be grouped.  The main thing that comes to mind
> is that the load balancer needs to understand Chunked PUTs/POSTs and
> get them to go to the same end server -- surely this is handled
> already in HTTP/1.1 load balancers.
>
> > From a latency perspective, opening up the multiple connections can be a
> > loss as well-- it increases server load for both CPU and memory and
> vastly
> > increases the chance that you'll get a lost-packet on the SYN which takes
> > far longer to recover from as it requires an RTO before RTT has likely
> been
> > computed.
>
> Well, sure, but the sender could share one connection for multiple QoS
> traffic types while the additional connections come up, and hope for
> the best -- mostly it should work out.
>
> >> > Note that the recommendation will be that flow control be effectively
> >> > disabled unless you know what you're doing, and have a good reason
> >> > (memory
> >> > pressure) to use it.
> >>
> >> Huh?  Are you saying "we need and will specify flow control.  It won't
> >> work.  Therefore we'll have it off by default."  How can that help?!
> >> I don't see how it can.
> >
> > Everyone will be required to implement the flow control mechanism as a
> > sender.
> > Only those people who have effective memory limitations will require its
> use
> > when receiving (since the receiver dictates policy for flow control).
>
> So this is a source quench type flow control?  (As opposed to window
> size type, as in SSHv2.)  But note that the issue isn't the need to
> quench fast sources from slow sinks.  The issue is that by the time
> you notice that you have a source/sink bandwidth mismatch it's too
> late and TCP flow control has kicked in.  Of course, the receiver can
> recover by quenching the sender and then reading and buffering
> whatever's left on the wire, thus freeing up bandwidth on the wire for
> other sources, but the cost is lots of buffer space on the receiver,
> unless you can tell the sender to resend later and then you can throw
> away instead of buffer.
>
> Nico
> --
>
>

v2.23.0 | Report a Bug | By Email