Re: Design Issue: Max Concurrent Streams Limit and Unidirectional Streams

Roberto Peon <grmocg@gmail.com> Mon, 29 April 2013 22:00 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F0FA21F9C42 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Apr 2013 15:00:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.298
X-Spam-Level:
X-Spam-Status: No, score=-10.298 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v3xJX5eNkjo4 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 29 Apr 2013 15:00:30 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id AB13B21F9C15 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 29 Apr 2013 15:00:24 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UWw7A-0002jx-Op for ietf-http-wg-dist@listhub.w3.org; Mon, 29 Apr 2013 22:00:04 +0000
Resent-Date: Mon, 29 Apr 2013 22:00:04 +0000
Resent-Message-Id: <E1UWw7A-0002jx-Op@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <grmocg@gmail.com>) id 1UWw70-0000TP-Of for ietf-http-wg@listhub.w3.org; Mon, 29 Apr 2013 21:59:54 +0000
Received: from mail-oa0-f51.google.com ([209.85.219.51]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <grmocg@gmail.com>) id 1UWw6z-00072z-Cn for ietf-http-wg@w3.org; Mon, 29 Apr 2013 21:59:54 +0000
Received: by mail-oa0-f51.google.com with SMTP id k14so6552325oag.24 for <ietf-http-wg@w3.org>; Mon, 29 Apr 2013 14:59:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=GeOiMbFSZkU5TZpI3uw8mYhp/7m45XGtOiUolA3p5UQ=; b=Y7svCpRgRMeq5O8FTt4OiBT0+CRZ2W0A6byPJDXMeBs6Z/CG3F8oUU9Evt12MLLM9U jCx6Sk8mMFTpvDbZaVcTea0oKO+WoTlYlL9/i4L9vaqhM5Xe+TzlfY581BSIcMZs49Rh ukuWuEAUkQOpfTqRuQNYFvzODOON/hJI0EZI379eteoyMmMNxy4saArgSKyo5HuoiRpv dYZVN409pQamRttZji3TiS3aGySNiZM7qb8/bJEkLbr0yk9KksPprvYVqFUzRlrTwOAd iYn8/B7sun/4J/GbgxQJTZcg7JytrBwd37YQYwUzFnHU9stAohYN3pilt10iUCzBczKw jvmg==
MIME-Version: 1.0
X-Received: by 10.182.143.7 with SMTP id sa7mr5103104obb.0.1367272767519; Mon, 29 Apr 2013 14:59:27 -0700 (PDT)
Received: by 10.76.130.139 with HTTP; Mon, 29 Apr 2013 14:59:27 -0700 (PDT)
In-Reply-To: <CAA4WUYgdtTzXLT8T5Ena2f8jMOSH86SCAjELLzNOSpcrM6EPDg@mail.gmail.com>
References: <CABP7RbdBe-Xkx+CMvpN=_oNAqm6SyLyL+XNHRUKSqn8mjSDw1Q@mail.gmail.com> <CAA4WUYgCiyWerT0tUUVKcbNPqdTGuXHd_MG59DjcUsEWst5t7g@mail.gmail.com> <CABkgnnVdU=cZ53Bqg5Un=E80NMpcgYO37DVmwUFW0O-i7SNf8w@mail.gmail.com> <CAA4WUYhz64FsEGgGhx91RfWwuPPxWdAkesOV-bmqWVWE7ZxdjA@mail.gmail.com> <CABP7RbcKQkn1o4WZscwNmSmm6YzqE_TKxPr4jnozNdaVqpZ7=A@mail.gmail.com> <CAA4WUYhF6rAZoYEaz4aJO6xawaJxzxGt=Bkg4H9eBOP-LBSRmQ@mail.gmail.com> <CAP+FsNezQzxdZEJY_2_0h_TR2pBbVsGyGBhQhKcm-65pt6S8rQ@mail.gmail.com> <CABP7RbevS8M0q9OxzPncqY_gE34q5-ymdg2hOX2SQgSUNkhzsw@mail.gmail.com> <CAA4WUYjAbuUqz9RdO+-p3a4EsyuS=Gv0rS-U-Vh+ZCjtDjFy6w@mail.gmail.com> <CAP+FsNec2LLZMjtGhSX-1q8qg66WtBoM5K0yMrs5m4VKXb5OVg@mail.gmail.com> <CAA4WUYgAT64jj=Am06MsA02A+eAcDrVbbgb4opO37bnMkWTPfg@mail.gmail.com> <CAP+FsNfRHGopsDpX4nbs7ojqcHq69v8aaQJwvXDOrtCs_u5r5g@mail.gmail.com> <CAA4WUYgdtTzXLT8T5Ena2f8jMOSH86SCAjELLzNOSpcrM6EPDg@mail.gmail.com>
Date: Mon, 29 Apr 2013 14:59:27 -0700
Message-ID: <CAP+FsNdB2wdaYPpSkosEsFKx=vDmMK7ZW7Sskjp+mnSVitOsDQ@mail.gmail.com>
From: Roberto Peon <grmocg@gmail.com>
To: =?UTF-8?B?V2lsbGlhbSBDaGFuICjpmYjmmbrmmIwp?= <willchan@chromium.org>
Cc: James M Snell <jasnell@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>, Martin Thomson <martin.thomson@gmail.com>
Content-Type: multipart/alternative; boundary=e89a8ff256229edc0904db86ff28
Received-SPF: pass client-ip=209.85.219.51; envelope-from=grmocg@gmail.com; helo=mail-oa0-f51.google.com
X-W3C-Hub-Spam-Status: No, score=-4.4
X-W3C-Hub-Spam-Report: AWL=-1.727, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UWw6z-00072z-Cn 90aac31cd3c0b1b5ab1dd19f7632eabb
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Design Issue: Max Concurrent Streams Limit and Unidirectional Streams
Archived-At: <http://www.w3.org/mid/CAP+FsNdB2wdaYPpSkosEsFKx=vDmMK7ZW7Sskjp+mnSVitOsDQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17689
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Yup.
-=R


On Mon, Apr 29, 2013 at 2:58 PM, William Chan (陈智昌)
<willchan@chromium.org>wrote:

> OK :) Well, we can discuss that alternative if we want to revisit the
> earlier decision, but I'm happy to move forward with what we already agreed
> upon earlier.
>
>
> On Mon, Apr 29, 2013 at 6:56 PM, Roberto Peon <grmocg@gmail.com>; wrote:
>
>> I do remember :)
>> Honestly I like the IANA port or NPN string thing or something similar,
>> because it gives us other information that we'd otherwise have to parse out
>> of the HEADERS thing, but, it is the lowest complexity alternative.
>> -=R
>>
>>
>> On Mon, Apr 29, 2013 at 2:44 PM, William Chan (陈智昌) <
>> willchan@chromium.org>; wrote:
>>
>>> Remember we originally *had* a flag for UNIDIRECTIONAL, which we removed
>>> because it was redundant in the traditional HTTP use cases.
>>>
>>>
>>> On Mon, Apr 29, 2013 at 6:39 PM, Roberto Peon <grmocg@gmail.com>; wrote:
>>>
>>>> At worst, we burn a flag which states it is half-closed or
>>>> unidirectional, or provide some other information which identifies the IANA
>>>> port number for the overlayed protocol or something.
>>>>  Anyway, *shrug*.
>>>> -=R
>>>>
>>>>
>>>> On Mon, Apr 29, 2013 at 2:32 PM, William Chan (陈智昌) <
>>>> willchan@chromium.org>; wrote:
>>>>
>>>>> On Mon, Apr 29, 2013 at 6:17 PM, James M Snell <jasnell@gmail.com>wrote:
>>>>>
>>>>>> +1 on this.  I like this approach.
>>>>>>  On Apr 29, 2013 2:15 PM, "Roberto Peon" <grmocg@gmail.com>; wrote:
>>>>>>
>>>>>>> I had thought to provide no explicit limit for PUSH_PROMISE, just as
>>>>>>> there is no limit to the size of a webpage, or the number of links upon it.
>>>>>>> The memory requirements for PUSH are similar or the same (push
>>>>>>> should consume a single additional bit of overhead per url, when one
>>>>>>> considers that the URL should be parsed, enqueued, etc.).
>>>>>>> If the browser isn't done efficiently, or, the server is for some
>>>>>>> unknown reason being stupid and attempting to DoS the browser with many
>>>>>>> resources that it will never use, then the client sends RST_STREAM for the
>>>>>>> ones it doesn't want, and makes a request on its own. all tidy.
>>>>>>>
>>>>>>
>>>>> I don't feel too strongly here. I do feel like this is more of an edge
>>>>> case, possibly important for forward proxies (or reverse proxies speaking
>>>>> to backends over a multiplexed channel like HTTP/2). It doesn't really
>>>>> matter for my browser, so unless servers chime in and say they'd prefer a
>>>>> limit, I'm fine with this.
>>>>>
>>>>>
>>>>>>> As for PUSH'd streams, the easiest solution is likely to assume that
>>>>>>> the stream starts out in a half-closed state.
>>>>>>>
>>>>>>
>>>>>  I looked into our earlier email threads and indeed this is what we
>>>>> agreed on (
>>>>> http://lists.w3.org/Archives/Public/ietf-http-wg/2013JanMar/1106.html).
>>>>> I voiced some mild objection since if you view the HTTP/2 framing layer as
>>>>> a transport for another application protocol, then bidirectional server
>>>>> initiated streams might be nice. But in absence of any such protocol, this
>>>>> is a nice simplification.
>>>>>
>>>>>
>>>>>> -=R
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Apr 29, 2013 at 12:33 PM, William Chan (陈智昌) <
>>>>>>> willchan@chromium.org>; wrote:
>>>>>>>
>>>>>>>> On Mon, Apr 29, 2013 at 3:46 PM, James M Snell <jasnell@gmail.com>wrote:
>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Apr 29, 2013 11:36 AM, "William Chan (陈智昌)" <
>>>>>>>>> willchan@chromium.org>; wrote:
>>>>>>>>> >
>>>>>>>>> [snip]
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> > Oops, forgot about that. See, the issue with that is now we've
>>>>>>>>> made PUSH_PROMISE as potentially expensive as a HEADERS frame, since it
>>>>>>>>> does more than just simple stream id allocation. I guess it's not really a
>>>>>>>>> huge issue, since if it's used correctly (in the matter you described),
>>>>>>>>> then it shouldn't be too expensive. If clients attempt to abuse it, then
>>>>>>>>> servers should probably treat it in a similar manner as they treat people
>>>>>>>>> trying to abuse header compression in all other frames with the header
>>>>>>>>> block, and kill the connection accordingly.
>>>>>>>>> >
>>>>>>>>>
>>>>>>>>> Not just "potentially" as expensive..   As soon as we get a push
>>>>>>>>> promise we need to allocate state and hold onto it for an indefinite period
>>>>>>>>> of time. We do not yet know exactly when that compression context can be
>>>>>>>>> let go because it has not yet been bound to stream state.  Do push streams
>>>>>>>>> all share the same compression state? Do those share the same compression
>>>>>>>>> state as the originating stream? The answers might be obvious but they
>>>>>>>>> haven't yet been written down.
>>>>>>>>>
>>>>>>>>
>>>>>>>> I guess I don't see per-stream state as being that expensive.
>>>>>>>> Compression contexts are a fixed state on a per-connection basis, meaning
>>>>>>>> that additional streams don't add to that state. The main cost, as I see
>>>>>>>> it, is the decompressed headers. I said potentially since that basically
>>>>>>>> only means the URL (unless there are other headers important for caching
>>>>>>>> due to Vary), and additional headers can come in the HEADERS frame. Also,
>>>>>>>> PUSH_PROMISE doesn't require allocating other state, like backend/DB
>>>>>>>> connections, if you only want to be able to handle
>>>>>>>> (#MAX_CONCURRENT_STREAMs) of those backend connections in parallel.
>>>>>>>>
>>>>>>>> If they're not specified, then we should specify it, but I've
>>>>>>>> always understood the header compression contexts to be directional and
>>>>>>>> apply to all frames sending headers in a direction. Therefore there should
>>>>>>>> be two compression contexts in a connection, one for header blocks being
>>>>>>>> sent and one for header blocks being received. If this is controversial,
>>>>>>>> let's fork a thread and discuss it.
>>>>>>>>
>>>>>>>>
>>>>>>>>>  >>
>>>>>>>>> >>
>>>>>>>>> >> > As far as the potential problem above, the root problem is
>>>>>>>>> that when you
>>>>>>>>> >> > have limits you can have hangs. We see this all the time
>>>>>>>>> today with browsers
>>>>>>>>> >> > (it's only reason people do domain sharding so they can
>>>>>>>>> bypass limits). I'm
>>>>>>>>> >> > not sure I see the value of introducing the new proposed
>>>>>>>>> limits. They don't
>>>>>>>>> >> > solve the hangs, and I don't think the granularity addresses
>>>>>>>>> any of the
>>>>>>>>> >> > costs in a finer grained manner. I'd like to hear
>>>>>>>>> clarification on what
>>>>>>>>> >> > costs the new proposed limits will address.
>>>>>>>>> >>
>>>>>>>>> >> I don't believe that the proposal improves the situation enough
>>>>>>>>> (or at
>>>>>>>>> >> all) to justify the additional complexity.  That's something
>>>>>>>>> that you
>>>>>>>>> >> need to assess for yourself.  This proposal provides more
>>>>>>>>> granular
>>>>>>>>> >> control, but it doesn't address the core problem, which is that
>>>>>>>>> you
>>>>>>>>> >> and I can only observe each other actions after some delay,
>>>>>>>>> which
>>>>>>>>> >> means that we can't coordinate those actions perfectly.  Nor
>>>>>>>>> can be
>>>>>>>>> >> build a perfect model of the other upon which to observe and
>>>>>>>>> act upon.
>>>>>>>>> >>  The usual protocol issue.
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> > OK then. My proposal is to add a new limit for PUSH_PROMISE
>>>>>>>>> frames though, separately from the MAX_CONCURRENT_STREAMS limit, since
>>>>>>>>> PUSH_PROMISE exists as a promise to create a stream, explicitly so we don't
>>>>>>>>> have to count it toward the existing MAX_CONCURRENT_STREAMS limit (I
>>>>>>>>> searched the spec and this seems to be inadequately specced). Roberto and I
>>>>>>>>> discussed that before and may have written an email somewhere in spdy-dev@,
>>>>>>>>> but I don't think we've ever raised it here.
>>>>>>>>> >
>>>>>>>>>
>>>>>>>>> Well,  there is an issue tracking it in the github repo now, at
>>>>>>>>> least.  As currently defined in the spec,  it definitely needs to be
>>>>>>>>> addressed.
>>>>>>>>>
>>>>>>>> Great. You guys are way better than I am about tracking all known
>>>>>>>> issues. I just have it mapped fuzzily in my head :)
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>
>>>>
>>>
>>
>