IETF Logo Mail Archive

Re: http/2 prioritization/fairness bug with proxies

Nico Williams <nico@cryptonector.com> Tue, 19 February 2013 02:09 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B9EC21E805E for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 18 Feb 2013 18:09:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.576
X-Spam-Level:
X-Spam-Status: No, score=-7.576 tagged_above=-999 required=5 tests=[AWL=2.401, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ydBjxwUQAaG8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 18 Feb 2013 18:09:48 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 292D121E8053 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 18 Feb 2013 18:09:47 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1U7cd5-0003mQ-Gd for ietf-http-wg-dist@listhub.w3.org; Tue, 19 Feb 2013 02:08:23 +0000
Resent-Date: Tue, 19 Feb 2013 02:08:23 +0000
Resent-Message-Id: <E1U7cd5-0003mQ-Gd@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <nico@cryptonector.com>) id 1U7ccx-0003ky-0D for ietf-http-wg@listhub.w3.org; Tue, 19 Feb 2013 02:08:15 +0000
Received: from caiajhbdcbhh.dreamhost.com ([208.97.132.177] helo=homiemail-a34.g.dreamhost.com) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <nico@cryptonector.com>) id 1U7ccw-0008Jw-1L for ietf-http-wg@w3.org; Tue, 19 Feb 2013 02:08:14 +0000
Received: from homiemail-a34.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a34.g.dreamhost.com (Postfix) with ESMTP id 7DF1D10062 for <ietf-http-wg@w3.org>; Mon, 18 Feb 2013 18:07:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=b0EbfryLpCFZ/8lj9krQ 37OJKDY=; b=xHBoYqBb70EyyungT/vvvBgSO7ykqQm7iQ537rGznCOwvK0XzCUd KgFodj54PJIVmUJlbzdfrIXgEWVTJnYnI3tHwAMn7vPOf4FIsdZzE8/gLi8El0tZ uzEhrp64yZ3IrR9sMtr5nNtNcUhSPpiqul8pwmlp6PM2DY3SR8mJwhs=
Received: from mail-wg0-f52.google.com (mail-wg0-f52.google.com [74.125.82.52]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a34.g.dreamhost.com (Postfix) with ESMTPSA id 0D3E610060 for <ietf-http-wg@w3.org>; Mon, 18 Feb 2013 18:07:51 -0800 (PST)
Received: by mail-wg0-f52.google.com with SMTP id 12so5131380wgh.19 for <ietf-http-wg@w3.org>; Mon, 18 Feb 2013 18:07:50 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.180.84.165 with SMTP id a5mr24154873wiz.6.1361239670848; Mon, 18 Feb 2013 18:07:50 -0800 (PST)
Received: by 10.216.254.217 with HTTP; Mon, 18 Feb 2013 18:07:50 -0800 (PST)
In-Reply-To: <CAP+FsNeEBLiJ8oLaU+HbQOcxK3Jgt6vrzvx9j4=b5xWRMqBOOg@mail.gmail.com>
References: <CAA4WUYjiBZpShKKFfHQnixc94aOLrck0oR4ykARB=hF5h8nkfA@mail.gmail.com> <3430.1359961022@critter.freebsd.dk> <510F72CE.8030003@treenet.co.nz> <CAA4WUYiBJrLjM0-vurFOuJfUaabXtK=W8N5z28yshSfrvD9crg@mail.gmail.com> <1516.1360002578@critter.freebsd.dk> <42A54D15-0AA3-4172-94F7-E94C86E84D7F@niven-jenkins.co.uk> <2346.1360010079@critter.freebsd.dk> <CAA4WUYiyu+JvFuKooqa4xVdCJP=Mngu9dgHjhH99_SEac1kCZQ@mail.gmail.com> <CABaLYCtX04se2BJ0c1yCYkwH2xvkcETdu7Pe+B8fy=DJrouo6Q@mail.gmail.com> <CAA4WUYitNR0js+5m5RHfLp-7=k-mfTUKDcayW-uzJwTgOgMyYQ@mail.gmail.com> <CABkgnnUYKDe4rZ0ZpqASkwDF2Foa_ni1rEFJH1P03k1Bv_NCog@mail.gmail.com> <CAA4WUYg+evqEMdiYSv+EZ7668eCq_dwqKiYmA4Lq-xZkoD_9Fw@mail.gmail.com> <CAK3OfOi7So1KWXdfv+UEqKAr-o1TaXiZmSmJx61WFR3J0zW_JA@mail.gmail.com> <4613980CFC78314ABFD7F85CC3027721119A440A@IL-EX10.ad.checkpoint.com> <CAK3OfOiLVfq7y4SJmoP-JyvgQc5uB8sDTrkDySMZfWqAdYf0yg@mail.gmail.com> <CAP+FsNchpZRLEfHVptV=tsLFHRP_N62QCbAcacvxoCoVhUxqkQ@mail.gmail.com> <CAK3OfOi_L+97AyoTWaNwqznnkyFR4SAHug2twKaMUPH1jbbtBQ@mail.gmail.com> <CAP+FsNegVDNfvzUMwyi-CqURcK_hWG26CFP-Fc=kjPsZL6LLiQ@mail.gmail.com> <CAK3OfOismYttmF5b5k+Qews-NLe+F5QfKNY5tXXmkv4R4EMr7w@mail.gmail.com> <CAP+FsNcGWnUooJdQ6b0EcpArc7-GvW2-SNatwS-=cK+E1j4b_g@mail.gmail.com> <CAK3OfOgcjfffBTW0tbdd3Du8_b5qAAbDieHrDAFCRufwxoCVVw@mail.gmail.com> <CAP+FsNeEBLiJ8oLaU+HbQOcxK3Jgt6vrzvx9j4=b5xWRMqBOOg@mail.gmail.com>
Date: Mon, 18 Feb 2013 20:07:50 -0600
Message-ID: <CAK3OfOhA6E5EE_+CsH_hPppsKjpLGV81hc_t7qC_VwXJF1y4VQ@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Roberto Peon <grmocg@gmail.com>
Cc: Yoav Nir <ynir@checkpoint.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: none client-ip=208.97.132.177; envelope-from=nico@cryptonector.com; helo=homiemail-a34.g.dreamhost.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-3.449, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001
X-W3C-Scan-Sig: maggie.w3.org 1U7ccw-0008Jw-1L f65e9db3442965e72fa1a54d19fb9ff1
X-Original-To: ietf-http-wg@w3.org
Subject: Re: http/2 prioritization/fairness bug with proxies
Archived-At: <http://www.w3.org/mid/CAK3OfOhA6E5EE_+CsH_hPppsKjpLGV81hc_t7qC_VwXJF1y4VQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/16667
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Thu, Feb 14, 2013 at 3:42 PM, Roberto Peon <grmocg@gmail.com> wrote:
> On Thu, Feb 14, 2013 at 12:26 PM, Nico Williams <nico@cryptonector.com>
> wrote:
>> But it's possible that we're talking about different thing.  One thing
>> is priority for server processing of requests.  Another is for proxies
>> -- here we have to start worrying about the multiplexing issues that
>> SSHv1 and SSHv2 have had, and since I think we ware talking about
>> proxies I keep coming back to these issues.
>
> Priority and flow control are separate issues.
> Priorities are an expression of the order in which the browser wants/needs
> resources.

Ah, if that's all priorities do, then there's no issue.  However, if
they relate to traffic classes (bulk vs. non-bulk) then we have the
SSH problems.

> Flow control is for receivers which are memory constrained to be sure that
> they won't overrun memory requirements.

It's for sinks that are slow.  All receivers are memory constrained, after all.

>> > From an implementation standpoint: I'm already running out of ephemeral
>> > port
>> > space. I *do Not* want to use more connections.
>>
>> It's certainly what browsers do already, and have for many years.
>> What's the problem?
>
> Browsers do this because HTTP effectively limits you to one outstanding
> request per connection, which is effectively one request per RTT per
> connection.

Pipelining allows multiple requests to be sent before responses are
written back.  The problem is that responses must be written in the
same order as the requests.  The solution to that would be to add an
XID (like basically any RPC protocol would, e.g., ONC RPC).

> Allowing a larger concurrency per connection than 1 is what the multiplexing
> does.

I suspect that's not the only reason that browsers make multiple
concurrent connections to servers.  To be fair, the SSH problems can't
the reason either.

> Browsers are most often not the ones likely to run out of ephemeral port
> space-- that is a problem for proxies and servers.

Ah!  This is a good thing to point out.  But note that proxies are in
a decent position to know if SCTP can work (namely, they can cache
which servers it's worked for and which it hasn't).  So an SCTP
binding of HTTP might still be useful.

>> > From an implementation standpoint: It is often impossible to figure out
>> > that
>> > k connections belong to a single client at all loadbalancers without
>> > sacrificing orders of magnitude of performance. Orders of magnitude, not
>> > just a factor of X.
>>
>> But I'm not saying you need to do that.  Nor am I implying it.
>
> If there are multiple connections, then the cost of coordination for this
> kind of loadbalancing at large sites is orders of magnitude higher.
> You're telling me that you wish to use multiple connections. Unless my
> statement above is a lie, it must then follow that it will cost orders of
> magnitude more for the same coordination.

I'm telling you that if SSH multiplexing/flow control issues arise
then the best solution is to have two TCP connections: one for bulk,
and one for non-bulk.  Bulk/not-bulk adds a single boolean input to
the routing process.  I don't see how that raises the cost of load
balancing by one order of magnitude, much less two, not unless issues
like scarcity of ephemeral ports are the root cause (load balancers
are unlikely to have this problem, but proxies are).

>> > Browsers have used multiple connections because of limitations in HTTP,
>> > which we're already solving with multiplexing.
>>
>> I strongly suspect that you're not solving them.  It's not just "oh,
>> let's multiplex".  You need to watch out for the issues other
>> protocols that multiplex different flows on single TCP flows have had.
>>  You haven't demonstrated a grasp of those issues.
>
>
> Nico, I've been working closely with browser folks for quite a while (years)
> and have a good grounding in what is suboptimal today, after all, SPDY
> started as a project with a server/proxy developer (me) and a browser
> developer (Mike Belshe).

You're right, I did not express myself very well.  I apologize.  I am
concerned with any notion of flow control layered above TCP.  I'm not
as concerned about priorities now that I understand their purpose (I
did suspect we might be talking about different things.)

Nico
--

v2.23.0 | Report a Bug | By Email