IETF Logo Mail Archive

Re: draft-asveren-dispatch-http-overload

Mark Nottingham <mnot@mnot.net> Mon, 14 May 2018 07:45 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 131D512D7F8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 May 2018 00:45:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.751
X-Spam-Level:
X-Spam-Status: No, score=-7.751 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=u/HUfhod; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=LxMQPhvH
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qj_gEWvaJOQX for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 May 2018 00:45:43 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A78B12D7F6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 14 May 2018 00:45:43 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1fI82Z-0003AM-FC for ietf-http-wg-dist@listhub.w3.org; Mon, 14 May 2018 07:37:03 +0000
Resent-Date: Mon, 14 May 2018 07:37:03 +0000
Resent-Message-Id: <E1fI82Z-0003AM-FC@frink.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <mnot@mnot.net>) id 1fI82P-0002so-0U for ietf-http-wg@listhub.w3.org; Mon, 14 May 2018 07:36:53 +0000
Received: from out2-smtp.messagingengine.com ([66.111.4.26]) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <mnot@mnot.net>) id 1fI82L-0005e8-DL for ietf-http-wg@w3.org; Mon, 14 May 2018 07:36:52 +0000
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 9DDE521C05; Mon, 14 May 2018 03:36:28 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Mon, 14 May 2018 03:36:28 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=p5qZU0g46Ez89UFKRBwQUzDVzFMrN +TerWPgxVrGRfo=; b=u/HUfhodGGM4YHAiLXOdpOc1Tp85QeqiwdU1Epk7zYxca E8dXX50wlzeES1WH4i9Vm2Wcv6/OJ7yQcrg9kd8lV1xqFK9faA6w3LaUsXV3vNiY q+ICTPuu3Ee3lmtmr1u6yGA3+izu/RXXtGiWUTHkD08HDLBWc+bGDj0jFopO7R+m LAkOPc1Fne23Y6VIiXjyp6sfcKCNx9ulsYlnxaSRLaqLUSlvWMvJZK9DDTZgkoFw j1VsQkPGkFjaptu67QOcmnG3o8KuwcgGpE5nKSqGLwYz0s5Biu5IswopPPBgAILz u0tGU6hZkdB8jj+Dlt4bfO8e1dsrntQ7V/Q3Tcv+Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=p5qZU0 g46Ez89UFKRBwQUzDVzFMrN+TerWPgxVrGRfo=; b=LxMQPhvHy5ychcC7CVoRvk LKKBtORkpM1HpYY1C9E1dIb3n5otyfU62u5E0zA2Pk5VmOK0+u1L8+Pi9TG7m1i3 L4qLiL4FFlB4YafnrEr7zKn3UxXOKrc0FOlFRLqAsbE1XUcla4T7mR5gTEEFvcBy 4YDMVENtD7A3N0lQ63wiIIOPYJFbj/IE/WHguYr9cI3QM9aJAMkNvG2E7/nQLtKY YnXwLucfsv8Yssu7zw/BggzWzbDKRnNuzvZjiwms913AwABedMWBTCPb917+eKuk FCuDPpUvYOFBa+zMlKdPchmTftOe7UQIpurEvq9+//wlVl4aRXWyWgYBK7k9HThA ==
X-ME-Sender: <xms:fDz5WvuGT3yvM0dzDwhCcw-6s1Yo4ajZmtwuAbXqVdiRf4bc7E5HyQ>
Received: from [192.168.1.25] (unknown [144.136.175.28]) by mail.messagingengine.com (Postfix) with ESMTPA id 0CDE4E4350; Mon, 14 May 2018 03:36:24 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CY4PR03MB316006C17D5AC3D81F54850BA5840@CY4PR03MB3160.namprd03.prod.outlook.com>
Date: Mon, 14 May 2018 17:36:21 +1000
Cc: "Julian F. Reschke" <julian.reschke@gmx.de>, Martin Thomson <martin.thomson@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <8F7AB950-1620-4253-B4E8-D41387571373@mnot.net>
References: <CY4PR03MB31607A155630036128CD091FA5830@CY4PR03MB3160.namprd03.prod.outlook.com> <CABkgnnVZcfzpCOsCmpC8rYEugOz2TjxnerkQgZaKJ52nqT7bFA@mail.gmail.com> <CY4PR03MB3160E802F1BA342798820FC6A5820@CY4PR03MB3160.namprd03.prod.outlook.com> <CABkgnnV0tQyKeV8x1wDXN=U3NJ0gd5jy+d6O47-Ct9O55N5ZcA@mail.gmail.com> <CY4PR03MB31606D5AFCC9131064C192F2A5810@CY4PR03MB3160.namprd03.prod.outlook.com> <5cbb62e1-fd86-b618-47a2-9529219b3b92@gmx.de> <CY4PR03MB3160997E2A79AC0433B62031A5810@CY4PR03MB3160.namprd03.prod.outlook.com> <CY4PR03MB316006C17D5AC3D81F54850BA5840@CY4PR03MB3160.namprd03.prod.outlook.com>
To: "Asveren, Tolga" <tasveren@rbbn.com>
X-Mailer: Apple Mail (2.3445.6.18)
X-W3C-Hub-Spam-Status: No, score=-6.6
X-W3C-Hub-Spam-Report: AWL=3.090, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1fI82L-0005e8-DL 94794d6107f6c7d7c71e847d270f627e
X-Original-To: ietf-http-wg@w3.org
Subject: Re: draft-asveren-dispatch-http-overload
Archived-At: <https://www.w3.org/mid/8F7AB950-1620-4253-B4E8-D41387571373@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/35383
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Tolga,

My .02 - 

> On 7 May 2018, at 5:46 am, Asveren, Tolga <tasveren@rbbn.com> wrote:
> 
> To regroup:
>  
> i- Is there any existing mechanism (503 with Retry-After does not provide a satisfactory solution) which would address the server/application overload problem? AFAICT the answer is “No” (but I am ready to be corrected)

I'm not sure that that 503+Retry-After is inadequate. The text that you reference in 5390 seems to suggest that in SIP, Retry-After "allows a server to tell an upstream element to stop sending traffic for a period of time," thereby causing the problems you refer to. In HTTP, this is not the case; the scope of applicability for Retry-After is only the request that it's associated with. From <https://httpwg.org/specs/rfc7231.html#status.503>:

"The server MAY send a Retry-After header field (Section 7.1.3) to suggest an appropriate amount of time for the client to wait before retrying the request."

So, the server can be selective about the requests it defers, giving a more fine-grained control mechanism. It could be that the semantics of Retry-After might need some refinement (e.g., in an applicability statement for a particular use case, or a protocol extension that adds more information), but it seems like its definition in SIP and HTTP diverge enough to justify caution in making assumptions.

All that said -- what would really help would be a set of use cases that explain how you expect this to be used in HTTP; it's difficult to design or evaluate an extension without them.

Cheers,


>  
> ii- (Assuming that “No” holds good for i-) I am planning to update the draft with explanations about:
> 	• Why 503 with Retry-After is inadequate
> 	• That the intent is not to prevent attacks from malicious users
> 	• The scope is server/application overload
>  
>  
> Any other suggestions/feedback are welcome.
>  
> Thanks,
> Tolga
>  
> From: Asveren, Tolga 
> Sent: Tuesday, May 1, 2018 7:00 AM
> To: 'Julian Reschke' <julian.reschke@gmx.de>; Martin Thomson <martin.thomson@gmail.com>
> Cc: ietf-http-wg@w3.org
> Subject: RE: draft-asveren-dispatch-http-overload
>  
> Agreed that it could be server or the application or the resource (at least theoretically and maybe also in practice). This draft is about server/application overload cases. For real-time application use, these need to be addresses in a satisfactory way for enabling better response times once they happen IMHO. 
>  
> So, maybe a new parameter indicating the nature of the overload could be useful. Any thoughts on that?
>  
> And my apologies for not being clear about the terminology causing confusion.
>  
> Thanks,
> Tolga
>  
> From: Julian Reschke <julian.reschke@gmx.de> 
> Sent: Tuesday, May 1, 2018 6:19 AM
> To: Asveren, Tolga <tasveren@rbbn.com>; Martin Thomson <martin.thomson@gmail.com>
> Cc: ietf-http-wg@w3.org
> Subject: Re: draft-asveren-dispatch-http-overload
>  
> NOTICE: This email was received from an EXTERNAL sender
> 
> On 2018-05-01 11:41, Asveren, Tolga wrote:
> > I certainly will include these explanation, and more about a few other 
> > issues, in the next version of the draft. My initial goal was to get 
> > some initial idea/feedback from other folks.
> > 
> > Regarding interpretation of 503: I think it is quite clear, at least 
> > IMHO, based on RFC2616 that it indicates the status of the server in 
> > general not just for a single request:
> > 
> > *10.5.4 503 Service Unavailable*
> > 
> >    The server is currently unable to handle the request due to a
> > 
> >    temporary overloading or maintenance of the server. The implication
> > 
> >    is that this is a temporary condition which will be alleviated after
> > 
> >    some delay. If known, the length of the delay MAY be indicated in a
> > 
> >    Retry-After header. If no Retry-After is given, the client SHOULD
> > 
> >    handle the response as it would for a 500 response.
> > 
> > I also never saw it being interpreted/used on “per request” basis in 
> > practice.
> > ...
> 
> RFC 2616 is irrelevant. RFC 7231 says:
> 
> > The 503 (Service Unavailable) status code indicates that the server is currently unable to handle the request due to a temporary overload or scheduled maintenance, which will likely be alleviated after some delay. The server MAY send a Retry-After header field (Section 7.1.3) to suggest an appropriate amount of time for the client to wait before retrying the request.
> > 
> > Note: The existence of the 503 status code does not imply that a server has to use it when becoming overloaded. Some servers might simply refuse the connection.
> 
> That IMHO leaves the nature of the overload open; it could be the server 
> itself, a specific service, or just one resource.
> 
> Best regards, Julian

--
Mark Nottingham   https://www.mnot.net/

v2.23.0 | Report a Bug | By Email