Re: Redirection to Other IP Addresses

Bin Ni <nibin@quantil.com> Thu, 01 August 2019 07:05 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF3DE120026 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 1 Aug 2019 00:05:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.698
X-Spam-Level:
X-Spam-Status: No, score=-0.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, GB_VISITOURSITE=2, HEADER_FROM_DIFFERENT_DOMAINS=0.201, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=quantil-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DR_4dTfyMIvh for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 1 Aug 2019 00:05:47 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86242120025 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 1 Aug 2019 00:05:47 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ht57g-0002qj-QL for ietf-http-wg-dist@listhub.w3.org; Thu, 01 Aug 2019 07:03:36 +0000
Resent-Date: Thu, 01 Aug 2019 07:03:36 +0000
Resent-Message-Id: <E1ht57g-0002qj-QL@frink.w3.org>
Received: from titan.w3.org ([2603:400a:ffff:804:801e:34:0:4c]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <nibin@quantil.com>) id 1ht57d-0002VT-FM for ietf-http-wg@listhub.w3.org; Thu, 01 Aug 2019 07:03:33 +0000
Received: from mail-vs1-xe2a.google.com ([2607:f8b0:4864:20::e2a]) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.89) (envelope-from <nibin@quantil.com>) id 1ht57a-0000uc-Lh for ietf-http-wg@w3.org; Thu, 01 Aug 2019 07:03:32 +0000
Received: by mail-vs1-xe2a.google.com with SMTP id y16so48113855vsc.3 for <ietf-http-wg@w3.org>; Thu, 01 Aug 2019 00:03:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quantil-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=TtJTZEoG335AeM5cNP7MJ6Tvj3qIinRAbOr4kTs05j4=; b=dkeJvD9b56LsQAvJoLik7jCTjqnmNyJor8m8TfbV+5U9Gk/lF5mMtowXeCaXeut9Gf j4Jy9n/DaiqIEEUyhl9cMNh3hF4cUeiWXyhrQFsJM6Dyo5CbgLMkvw1BiJhLfiaLNVmw Zdg+evCckaTp1e7F5TCmdZMllDM978v8s322Dok9c5rjusXw9AnsXILcvbuAVB/pC4C+ GRsbaAcOg+ppSYjw30u3hIaF2YuTaj/7sAEBdJiOUdd5ZhG7JxEW1hDOqantjcBiraYl pkGHYLjBW0GlHTOzOYYw1U8ZDL4GP+9+B7zRvo70QviR5aE65z0plneDkfHxVJ+2a2z7 xVbw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=TtJTZEoG335AeM5cNP7MJ6Tvj3qIinRAbOr4kTs05j4=; b=l9qtauReTK/uLhVkfh/yGFLq70dHR72C/vyabnd/ISp8iKP8+n9Z6CnRZKzFu5nQ+3 Vpx/eaomYRZNUd+S1fup6Ktm9ZybCR2lm5EmvijeJrs2mUoN0EdttKXe/0PGA2gr8yRh GJ6SxjuVag4KYgs8BufEnDfjbGxRzLsGrUOSqiHwGHvTpiwU4Hx3rXldn3JeO8zZdhUT kaTqu1+oFbgU+eYoMbmPAIospMl88HG6ZgK+GoWhOvCi1EqmNKrZCm02MYwJdCqKSDDE fFo3tSZVXw9WPvigdsYmyjYOw/wF0+syXVxuGhD/iCJAYae2Nf/dlYW7ZxQfApy/p/UY /Tvg==
X-Gm-Message-State: APjAAAUNpZXXxCnigifMQdY7EvyQhgg81xLU9V1Wr6Sdv27/g6As97P4 Xry4zYQEsLawHhALZaADNQ19jNNTqOgPVWKzobtv7g==
X-Google-Smtp-Source: APXvYqxCpqexeUNSE6ffqyWNCctbR8iEfthnbfcGyymKv7Nm4secZpf5BUCkn7mdXnEi19P6fR9znIvZcnopUqWWfvY=
X-Received: by 2002:a67:68d4:: with SMTP id d203mr86578887vsc.28.1564642989090; Thu, 01 Aug 2019 00:03:09 -0700 (PDT)
MIME-Version: 1.0
References: <CAFifEMLOHp5=OqUXZbg_WKNQmNsTW3Bg5P4btJdX06CF=Wi2AA@mail.gmail.com> <d9b03ef6-9c8c-1eb2-7f74-014f9703475d@gmx.de> <CAJ_4DfQifbJJ7owfrgUUOqXimL-KQkb4-1f_Qp6+CMjhYC1bbg@mail.gmail.com> <CAFifEMJPZd9CGghi_MJ1Hrcq7TJNnkV6yH-EKtrrfaQmStS4Ug@mail.gmail.com> <b09ab672-f512-52bc-6c28-7df55919a846@gmx.de> <CAFifEM+TXtsxTt-NcH+hQomEAYZmMTW_kPxXvQB69eM4KgGf7g@mail.gmail.com> <d4d25ceb-09b5-72ff-6c36-7fdfc2796b15@gmx.de> <CAFifEMKff11nmJZgE1RGWT8qH6SKsO2tqWCF9vQsvF5=BMeQgg@mail.gmail.com> <45C10C32-DA87-4AE3-9082-DAAFD5D9C412@vcontractor.co.za> <CAHbrMsAE1ZezM5U_b2s3juc4OC0LJDOpyHfek7Pu2AaQcXpf8A@mail.gmail.com> <CAJU8_nWP63pT08X4QkUmk6KT_U98LjiFvNaTNg5ZtVMG3AFiFg@mail.gmail.com> <CAFifEMLnSB5SYb_q0toTE3Xy1i56=14ki=__91Phc76HHL+ZhQ@mail.gmail.com> <f05b5157-f068-1e03-8422-36d0425a32a5@treenet.co.nz> <CAFifEMLQXUSHKOjKN9JR87ht1UUvf-1AEWKNmuKeOqKyzjT28Q@mail.gmail.com> <CAJEGKNtWvXyrFLU0KW-rqN1qd-PLOqobjx1o6kRcH27_O9Ri7Q@mail.gmail.com> <CAFifEMKhjU=EmMj6yyVN5D1aSfCVi9HAWgE-Ebzu8NscKQpv_w@mail.gmail.com> <CAJEGKNvoKijzJsTOSE0w08wst=zxoTa95Jx8xVfRWmCWJTJ=4g@mail.gmail.com> <CAFifEMLrWwBoPDQZiHvp65zwS+0CEka1sSoLMYQo6ydYit3aNQ@mail.gmail.com> <CAAXAoJUdJP-WUa8sxt_3L+=09wQb_UUOGq0517ibzYrVoU8aOA@mail.gmail.com>
In-Reply-To: <CAAXAoJUdJP-WUa8sxt_3L+=09wQb_UUOGq0517ibzYrVoU8aOA@mail.gmail.com>
From: Bin Ni <nibin@quantil.com>
Date: Thu, 1 Aug 2019 00:02:57 -0700
Message-ID: <CAFifEMLvsHA9eOZS6MRNCvVa_c+jEOoPsmXbMrbC09aY=0-MZQ@mail.gmail.com>
To: Jack Firth <jackhfirth@gmail.com>
Cc: Chris Lemmons <alficles@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="00000000000090c133058f08d536"
Received-SPF: pass client-ip=2607:f8b0:4864:20::e2a; envelope-from=nibin@quantil.com; helo=mail-vs1-xe2a.google.com
X-W3C-Hub-Spam-Status: No, score=-3.2
X-W3C-Hub-Spam-Report: AWL=0.715, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1ht57a-0000uc-Lh af118491c4eb2397d639776ddeb8ef86
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Redirection to Other IP Addresses
Archived-At: <https://www.w3.org/mid/CAFifEMLvsHA9eOZS6MRNCvVa_c+jEOoPsmXbMrbC09aY=0-MZQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/36908
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Jack,

Potentially, we can extend RFC 7838, as I mentioned in my proposal
<https://docs.google.com/document/d/1gtF6Nq3iPe44515BfsU18dAxfCYOvQaekiezK8FEHu0/edit#heading=h.e8fyx0s8f7wy>;,
to define the behavior of client and server when "alt-svc" is used in
conjunction with a special status code. This is still a change/extension to
the existing protocol. I feel 4xx is not good for this purpose, since this
is not a client error. I think a 3XX is more appropriate.

Thanks!

Bin

On Wed, Jul 31, 2019 at 10:52 PM Jack Firth <jackhfirth@gmail.com>; wrote:

> Versus with "alt-svc", the server will serve the content for the current
>> request, client will finish receiving the response and MAYBE connect to the
>> new IP for the next request.
>
>
> Could you return a 4xx error with the Alt-Svc header set, and a body
> message that tells clients they must use the Alt-Svc if they don't want to
> get a 4xx? Or even a generic 300? It seems reasonable to me for a CDN
> server to refuse to serve requests it knows will be prohibitively
> expensive, while providing clients with Alt-Svc as a way to find a
> less-expensive alternative.
>
> On Wed, Jul 31, 2019 at 8:55 PM Bin Ni <nibin@quantil.com>; wrote:
>
>> Hi Chris,
>>
>> There are a few caveats in your reasoning:
>> 1.  It does not have to be some "accept header". It can be the
>> "User-Agent" header as I mentioned, for example, chrome version > 100. Or
>> on contract. For example, some CDN customers have full control of the
>> client software. They just tell the CDN provider that "you can enable the
>> 312 redirection on all of our domains".
>> 2. Even when it does rely on some "accept header", there is still a
>> critical difference from "alt-svc":
>>     In this proposal, the current request will not be served. The client
>> will get a 312 and forced to reconnect to the new IP, similar to the 30X
>> redirection.
>>     Versus with "alt-svc", the server will serve the content for the
>> current request, client will finish receiving the response and MAYBE
>> connect to the new IP for the next request.
>>
>> Hope this is more clear. Please don't hesitate with more questions!
>> Thanks!
>>
>> Bin
>>
>> On Wed, Jul 31, 2019 at 6:49 PM Chris Lemmons <alficles@gmail.com>; wrote:
>>
>>> So, the typical mechanism for that would be an accept header of some
>>> sort. But if clients are opting into the redirect, then the redirect is
>>> effectively optional. Any client that would set the accept header can
>>> instead just support alt-svc today and choose to redirect.
>>>
>>> On Wed, Jul 31, 2019 at 7:39 PM Bin Ni <nibin@quantil.com>; wrote:
>>>
>>>> Hi Chris,
>>>>
>>>> Great question!
>>>> The solution is that the server will only return the new status code
>>>> 312 if it is sure the client can support it.
>>>> The information can be from the User-Agent header, or some other
>>>> request header.
>>>> Or communicated through some other channel, for example, on a paper
>>>> contract.
>>>>
>>>> Thanks!
>>>>
>>>> Bin
>>>>
>>>>
>>>> On Wed, Jul 31, 2019 at 2:36 PM Chris Lemmons <alficles@gmail.com>;
>>>> wrote:
>>>>
>>>>> So I have to wonder about the end usefulness from an implementation
>>>>> perspective. Part of why alt-svc works is that it's optional, so
>>>>> servers can use them as optimization but everything else still works.
>>>>>
>>>>> If you have a new protocol that means basically "alt-svc, but
>>>>> mandatory", it means the CDN, load balancer, or similar service simply
>>>>> wouldn't work for any client that didn't understand the new value.
>>>>> There are a _lot_ of http clients out there. This would be a fairly
>>>>> high barrier to adoption, which would create a chicken-and-egg problem
>>>>> that would be tough to solve.
>>>>>
>>>>> On Tue, Jul 30, 2019 at 5:53 PM Bin Ni <nibin@quantil.com>; wrote:
>>>>> >
>>>>> > Hi Amos and All,
>>>>> >
>>>>> > Regarding the 30X redirect across different cache servers, it is
>>>>> already used by many big CDN companies that I know of.
>>>>> > It is proven to make the system faster without much burden on the
>>>>> front-end layer which you are concerned.
>>>>> > But 30X has the limitations I mentioned. This is why I'm proposing
>>>>> this new type of redirection to address the limitations.
>>>>> >
>>>>> https://docs.google.com/document/d/1gtF6Nq3iPe44515BfsU18dAxfCYOvQaekiezK8FEHu0/edit?usp=sharing
>>>>> > So it is not a question that this proposal will be useful or not.
>>>>> > I know it will at least be very useful to those CDNs.
>>>>> >
>>>>> > Thanks for your comments.
>>>>> > Please let me know if you have any questions.
>>>>> >
>>>>> > Bin
>>>>> >
>>>>> > On Tue, Jul 30, 2019 at 12:38 AM Amos Jeffries <squid3@treenet.co.nz>;
>>>>> wrote:
>>>>> >>
>>>>> >> On 30/07/19 7:02 am, Bin Ni wrote:
>>>>> >> > Yes, what we want is a way to force a "deterministic behavior
>>>>> from the
>>>>> >> > client", just like all the 30X redirections today.
>>>>> >> >
>>>>> >> > Let me give a few more cases in which this can be helpful:
>>>>> >> > 1. A client in North America is returned a server IP in Europe by
>>>>> the
>>>>> >> > DNS. The server then wants to direct the client to another server
>>>>> in
>>>>> >> > North America for better performance.
>>>>> >> > 2. The content of a website is hashed to multiple servers based
>>>>> on URL.
>>>>> >> > These multiple servers may not even be in the same datacenter.
>>>>> The DNS
>>>>> >> > does not have this information and may return any IP to any query
>>>>> of the
>>>>> >> > website's hostname.  Each server will calculate the hash for each
>>>>> >> > request and redirect client to the correct server that has the
>>>>> content.
>>>>> >> > This is quite common for CDN.
>>>>> >>
>>>>> >> It is common for good reason: efficiency.
>>>>> >>
>>>>> >> There is a secondary level of efficiency that comes from the
>>>>> redirects
>>>>> >> being actual HTTP 30x redirects. Having large objects at different
>>>>> URL
>>>>> >> entirely provides for a different CDN or caching layer closer to the
>>>>> >> client to provide the large object contents. DNS can be (often is)
>>>>> >> involved in that layer to provide the closest server IP.
>>>>> >>
>>>>> >> As proposed so far your mechanism would flatten this two-tier
>>>>> structure.
>>>>> >> Forcing the frontend layer (now only layer) to be involved in
>>>>> deciding
>>>>> >> the specific hardware location of individual objects / resources.
>>>>> >>  Making the frontend machinery store more information and do more
>>>>> work
>>>>> >> per-request is not going to make the system faster, quite the
>>>>> opposite.
>>>>> >>
>>>>> >>
>>>>> >> By separating the work into the three layers: frontend LB, cache,
>>>>> and
>>>>> >> origin. Each CDN layer gets some orders of magnitude increase in
>>>>> >> performance / capacity:
>>>>> >>  - origin able to handle/generate some few thousand responses per
>>>>> second,
>>>>> >>  - cache able to re-distribute those as static objects at line
>>>>> speed for
>>>>> >> an order or two magnitude more than origins,
>>>>> >>  - frontend LB able to handle millions of the small ~1KB
>>>>> >> request/response pairs for redirection spreading that high load
>>>>> across
>>>>> >> the lower layers.
>>>>> >>
>>>>> >>
>>>>> >> AYJ
>>>>> >>
>>>>> >
>>>>>
>>>>
>>>>

-- 

Bin Ni
VP of Engineering
[image: Quantil]

Connecting users with content...it's that simple.

Office: +1-888-847-9851 <(888)%20847-9851>

[image: Tweeter] <https://twitter.com/Team_Quantil>  [image: Google Plus]
<https://plus.google.com/+Quantil_team/>  [image: Linked In]
<https://www.linkedin.com/company/quantil>

The information contained in this email may be confidential and/or legally
privileged. It has been sent for the sole use of the intended recipient(s).
If the reader of this message is not an intended recipient, you are hereby
notified that any unauthorized review, use, disclosure, dissemination,
distribution, or copying of this communication, or any of its contents, is
strictly prohibited. If you have received this communication in error,
please reply to the sender and destroy all copies of the message. To
contact us directly, send to QUANTIL, INC. at 1919 S Bascom Ave #600,
Campbell, CA 95008
<https://maps.google.com/?q=1919+S+Bascom+Ave+%23600,+Campbell,+CA+95008&entry=gmail&source=g>;,
or visit our website at www.quantil.com. <https://www.quantil.com/>