Re: Design Issue: Max Concurrent Streams Limit and Unidirectional Streams

Roberto Peon <grmocg@gmail.com> Mon, 29 April 2013 21:17 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 232E221F9B97 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Apr 2013 14:17:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.298
X-Spam-Level:
X-Spam-Status: No, score=-10.298 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mr0dDAK7KDub for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Apr 2013 14:17:17 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id A80D421F9C2C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 29 Apr 2013 14:17:03 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UWvQd-0002RV-0h for ietf-http-wg-dist@listhub.w3.org; Mon, 29 Apr 2013 21:16:07 +0000
Resent-Date: Mon, 29 Apr 2013 21:16:07 +0000
Resent-Message-Id: <E1UWvQd-0002RV-0h@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <grmocg@gmail.com>) id 1UWvQS-0002Pg-IM for ietf-http-wg@listhub.w3.org; Mon, 29 Apr 2013 21:15:56 +0000
Received: from mail-oa0-f53.google.com ([209.85.219.53]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <grmocg@gmail.com>) id 1UWvQR-0004nI-3U for ietf-http-wg@w3.org; Mon, 29 Apr 2013 21:15:56 +0000
Received: by mail-oa0-f53.google.com with SMTP id m6so6459041oag.40 for <ietf-http-wg@w3.org>; Mon, 29 Apr 2013 14:15:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=WDJ6yhiD1maTwlgkwqAnSlMs3yHQpPt2hpkHfhx5otQ=; b=GRMcBFEo29XUN7sZMJZyzBu/2q0QGXxg9//Xg6cDesou/82/Xh6k9Q1VEUA+jJe/sj f+QqEycmTTmr4YK7/s5E2l7mlXQG2fA69Pa90Xe680YlK7TUImU+GkOn8MbxABSi6wrx NXt4+y/o3dL6C5OwYZXjdAz2sMy4ywKoNNDlVoqXwYcPdxfz3HFOPsra+djEwSit+jNC sw9XoJwMhtCCbXnFa67ap6BhLcozlskAby3se2jogqZ45YoWmT5VHglKFgFZeS0/bDT8 jiphFZyuBmCkKKCt2H3fdF3YAS/1heHv5fVRBWC71kxYi1P51Ate4dI+5GYTQ9DUi2DI llaA==
MIME-Version: 1.0
X-Received: by 10.60.83.103 with SMTP id p7mr3722761oey.130.1367270129219; Mon, 29 Apr 2013 14:15:29 -0700 (PDT)
Received: by 10.76.130.139 with HTTP; Mon, 29 Apr 2013 14:15:29 -0700 (PDT)
In-Reply-To: <CAA4WUYhF6rAZoYEaz4aJO6xawaJxzxGt=Bkg4H9eBOP-LBSRmQ@mail.gmail.com>
References: <CABP7RbdBe-Xkx+CMvpN=_oNAqm6SyLyL+XNHRUKSqn8mjSDw1Q@mail.gmail.com> <CAA4WUYgCiyWerT0tUUVKcbNPqdTGuXHd_MG59DjcUsEWst5t7g@mail.gmail.com> <CABkgnnVdU=cZ53Bqg5Un=E80NMpcgYO37DVmwUFW0O-i7SNf8w@mail.gmail.com> <CAA4WUYhz64FsEGgGhx91RfWwuPPxWdAkesOV-bmqWVWE7ZxdjA@mail.gmail.com> <CABP7RbcKQkn1o4WZscwNmSmm6YzqE_TKxPr4jnozNdaVqpZ7=A@mail.gmail.com> <CAA4WUYhF6rAZoYEaz4aJO6xawaJxzxGt=Bkg4H9eBOP-LBSRmQ@mail.gmail.com>
Date: Mon, 29 Apr 2013 14:15:29 -0700
Message-ID: <CAP+FsNezQzxdZEJY_2_0h_TR2pBbVsGyGBhQhKcm-65pt6S8rQ@mail.gmail.com>
From: Roberto Peon <grmocg@gmail.com>
To: =?UTF-8?B?V2lsbGlhbSBDaGFuICjpmYjmmbrmmIwp?= <willchan@chromium.org>
Cc: James M Snell <jasnell@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>, Martin Thomson <martin.thomson@gmail.com>
Content-Type: multipart/alternative; boundary=089e011775075d8d4204db8662e1
Received-SPF: pass client-ip=209.85.219.53; envelope-from=grmocg@gmail.com; helo=mail-oa0-f53.google.com
X-W3C-Hub-Spam-Status: No, score=-4.4
X-W3C-Hub-Spam-Report: AWL=-1.736, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UWvQR-0004nI-3U f90447e6320d8dd9a7c886001c461992
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Design Issue: Max Concurrent Streams Limit and Unidirectional Streams
Archived-At: <http://www.w3.org/mid/CAP+FsNezQzxdZEJY_2_0h_TR2pBbVsGyGBhQhKcm-65pt6S8rQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17679
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

I had thought to provide no explicit limit for PUSH_PROMISE, just as there
is no limit to the size of a webpage, or the number of links upon it.
The memory requirements for PUSH are similar or the same (push should
consume a single additional bit of overhead per url, when one considers
that the URL should be parsed, enqueued, etc.).
If the browser isn't done efficiently, or, the server is for some unknown
reason being stupid and attempting to DoS the browser with many resources
that it will never use, then the client sends RST_STREAM for the ones it
doesn't want, and makes a request on its own. all tidy.

As for PUSH'd streams, the easiest solution is likely to assume that the
stream starts out in a half-closed state.
-=R


On Mon, Apr 29, 2013 at 12:33 PM, William Chan (陈智昌)
<willchan@chromium.org>wrote:

> On Mon, Apr 29, 2013 at 3:46 PM, James M Snell <jasnell@gmail.com>; wrote:
>
>>
>> On Apr 29, 2013 11:36 AM, "William Chan (陈智昌)" <willchan@chromium.org>;
>> wrote:
>> >
>> [snip]
>> >
>> >
>> > Oops, forgot about that. See, the issue with that is now we've made
>> PUSH_PROMISE as potentially expensive as a HEADERS frame, since it does
>> more than just simple stream id allocation. I guess it's not really a huge
>> issue, since if it's used correctly (in the matter you described), then it
>> shouldn't be too expensive. If clients attempt to abuse it, then servers
>> should probably treat it in a similar manner as they treat people trying to
>> abuse header compression in all other frames with the header block, and
>> kill the connection accordingly.
>> >
>>
>> Not just "potentially" as expensive..   As soon as we get a push promise
>> we need to allocate state and hold onto it for an indefinite period of
>> time. We do not yet know exactly when that compression context can be let
>> go because it has not yet been bound to stream state.  Do push streams all
>> share the same compression state? Do those share the same compression state
>> as the originating stream? The answers might be obvious but they haven't
>> yet been written down.
>>
>
> I guess I don't see per-stream state as being that expensive. Compression
> contexts are a fixed state on a per-connection basis, meaning that
> additional streams don't add to that state. The main cost, as I see it, is
> the decompressed headers. I said potentially since that basically only
> means the URL (unless there are other headers important for caching due to
> Vary), and additional headers can come in the HEADERS frame. Also,
> PUSH_PROMISE doesn't require allocating other state, like backend/DB
> connections, if you only want to be able to handle
> (#MAX_CONCURRENT_STREAMs) of those backend connections in parallel.
>
> If they're not specified, then we should specify it, but I've always
> understood the header compression contexts to be directional and apply to
> all frames sending headers in a direction. Therefore there should be two
> compression contexts in a connection, one for header blocks being sent and
> one for header blocks being received. If this is controversial, let's fork
> a thread and discuss it.
>
>
>>  >>
>> >>
>> >> > As far as the potential problem above, the root problem is that when
>> you
>> >> > have limits you can have hangs. We see this all the time today with
>> browsers
>> >> > (it's only reason people do domain sharding so they can bypass
>> limits). I'm
>> >> > not sure I see the value of introducing the new proposed limits.
>> They don't
>> >> > solve the hangs, and I don't think the granularity addresses any of
>> the
>> >> > costs in a finer grained manner. I'd like to hear clarification on
>> what
>> >> > costs the new proposed limits will address.
>> >>
>> >> I don't believe that the proposal improves the situation enough (or at
>> >> all) to justify the additional complexity.  That's something that you
>> >> need to assess for yourself.  This proposal provides more granular
>> >> control, but it doesn't address the core problem, which is that you
>> >> and I can only observe each other actions after some delay, which
>> >> means that we can't coordinate those actions perfectly.  Nor can be
>> >> build a perfect model of the other upon which to observe and act upon.
>> >>  The usual protocol issue.
>> >
>> >
>> > OK then. My proposal is to add a new limit for PUSH_PROMISE frames
>> though, separately from the MAX_CONCURRENT_STREAMS limit, since
>> PUSH_PROMISE exists as a promise to create a stream, explicitly so we don't
>> have to count it toward the existing MAX_CONCURRENT_STREAMS limit (I
>> searched the spec and this seems to be inadequately specced). Roberto and I
>> discussed that before and may have written an email somewhere in spdy-dev@,
>> but I don't think we've ever raised it here.
>> >
>>
>> Well,  there is an issue tracking it in the github repo now, at least.
>> As currently defined in the spec,  it definitely needs to be addressed.
>>
> Great. You guys are way better than I am about tracking all known issues.
> I just have it mapped fuzzily in my head :)
>