IETF Logo Mail Archive

Re: http/2 prioritization/fairness bug with proxies

Nico Williams <nico@cryptonector.com> Thu, 14 February 2013 21:21 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34DD221F873B for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 14 Feb 2013 13:21:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.595
X-Spam-Level:
X-Spam-Status: No, score=-7.595 tagged_above=-999 required=5 tests=[AWL=2.382, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HhdqIODAL1DQ for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 14 Feb 2013 13:21:20 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id EDC7221F85BB for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 14 Feb 2013 13:21:19 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1U66DZ-0003Wh-K7 for ietf-http-wg-dist@listhub.w3.org; Thu, 14 Feb 2013 21:19:45 +0000
Resent-Date: Thu, 14 Feb 2013 21:19:45 +0000
Resent-Message-Id: <E1U66DZ-0003Wh-K7@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <nico@cryptonector.com>) id 1U66DR-0003Uu-G4 for ietf-http-wg@listhub.w3.org; Thu, 14 Feb 2013 21:19:37 +0000
Received: from caiajhbdcbhh.dreamhost.com ([208.97.132.177] helo=homiemail-a16.g.dreamhost.com) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <nico@cryptonector.com>) id 1U66DQ-0007V2-IX for ietf-http-wg@w3.org; Thu, 14 Feb 2013 21:19:37 +0000
Received: from homiemail-a16.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a16.g.dreamhost.com (Postfix) with ESMTP id E73E150808F for <ietf-http-wg@w3.org>; Thu, 14 Feb 2013 13:19:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=jhX0CJv6risDYQaJJzqd jysRHio=; b=GsbSqRkMMJRBa7h1R/pOqmqyaPLvNbVNMDaJJGgY9JnpBTAspbzj 8S1c2d70mzT27LFQxESqUX1hbap680OqlNza8U+MU+i2vZN0kB57OELj4+ykRwjH yIpZOTVomsARvxzAayDSlUCnEN1nOBmMAie4BMFgb6rRElQ0U9XEkNk=
Received: from mail-we0-f182.google.com (mail-we0-f182.google.com [74.125.82.182]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a16.g.dreamhost.com (Postfix) with ESMTPSA id 7163A50808D for <ietf-http-wg@w3.org>; Thu, 14 Feb 2013 13:19:14 -0800 (PST)
Received: by mail-we0-f182.google.com with SMTP id t57so2383211wey.13 for <ietf-http-wg@w3.org>; Thu, 14 Feb 2013 13:19:13 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.194.60.5 with SMTP id d5mr80523wjr.4.1360873618454; Thu, 14 Feb 2013 12:26:58 -0800 (PST)
Received: by 10.217.39.133 with HTTP; Thu, 14 Feb 2013 12:26:57 -0800 (PST)
In-Reply-To: <CAP+FsNcGWnUooJdQ6b0EcpArc7-GvW2-SNatwS-=cK+E1j4b_g@mail.gmail.com>
References: <CAA4WUYjiBZpShKKFfHQnixc94aOLrck0oR4ykARB=hF5h8nkfA@mail.gmail.com> <3430.1359961022@critter.freebsd.dk> <510F72CE.8030003@treenet.co.nz> <CAA4WUYiBJrLjM0-vurFOuJfUaabXtK=W8N5z28yshSfrvD9crg@mail.gmail.com> <1516.1360002578@critter.freebsd.dk> <42A54D15-0AA3-4172-94F7-E94C86E84D7F@niven-jenkins.co.uk> <2346.1360010079@critter.freebsd.dk> <CAA4WUYiyu+JvFuKooqa4xVdCJP=Mngu9dgHjhH99_SEac1kCZQ@mail.gmail.com> <CABaLYCtX04se2BJ0c1yCYkwH2xvkcETdu7Pe+B8fy=DJrouo6Q@mail.gmail.com> <CAA4WUYitNR0js+5m5RHfLp-7=k-mfTUKDcayW-uzJwTgOgMyYQ@mail.gmail.com> <CABkgnnUYKDe4rZ0ZpqASkwDF2Foa_ni1rEFJH1P03k1Bv_NCog@mail.gmail.com> <CAA4WUYg+evqEMdiYSv+EZ7668eCq_dwqKiYmA4Lq-xZkoD_9Fw@mail.gmail.com> <CAK3OfOi7So1KWXdfv+UEqKAr-o1TaXiZmSmJx61WFR3J0zW_JA@mail.gmail.com> <4613980CFC78314ABFD7F85CC3027721119A440A@IL-EX10.ad.checkpoint.com> <CAK3OfOiLVfq7y4SJmoP-JyvgQc5uB8sDTrkDySMZfWqAdYf0yg@mail.gmail.com> <CAP+FsNchpZRLEfHVptV=tsLFHRP_N62QCbAcacvxoCoVhUxqkQ@mail.gmail.com> <CAK3OfOi_L+97AyoTWaNwqznnkyFR4SAHug2twKaMUPH1jbbtBQ@mail.gmail.com> <CAP+FsNegVDNfvzUMwyi-CqURcK_hWG26CFP-Fc=kjPsZL6LLiQ@mail.gmail.com> <CAK3OfOismYttmF5b5k+Qews-NLe+F5QfKNY5tXXmkv4R4EMr7w@mail.gmail.com> <CAP+FsNcGWnUooJdQ6b0EcpArc7-GvW2-SNatwS-=cK+E1j4b_g@mail.gmail.com>
Date: Thu, 14 Feb 2013 14:26:57 -0600
Message-ID: <CAK3OfOgcjfffBTW0tbdd3Du8_b5qAAbDieHrDAFCRufwxoCVVw@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Roberto Peon <grmocg@gmail.com>
Cc: Yoav Nir <ynir@checkpoint.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: none client-ip=208.97.132.177; envelope-from=nico@cryptonector.com; helo=homiemail-a16.g.dreamhost.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-3.449, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001
X-W3C-Scan-Sig: lisa.w3.org 1U66DQ-0007V2-IX 8d0b636e25188b15e73a4bdf57548a87
X-Original-To: ietf-http-wg@w3.org
Subject: Re: http/2 prioritization/fairness bug with proxies
Archived-At: <http://www.w3.org/mid/CAK3OfOgcjfffBTW0tbdd3Du8_b5qAAbDieHrDAFCRufwxoCVVw@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/16606
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Wed, Feb 13, 2013 at 4:43 PM, Roberto Peon <grmocg@gmail.com> wrote:
> SCTP: Unfortunately not deployable due to consumer NAT interactions.

I know :(

> Bulk-traffic: There are a number of different levels of traffic we're
> prioritizing. It isn't just 'bulk' or 'highpri'

I believe there's really only two or three categories of traffic:
bulk, non-bulk w/ Nagle algorithm, non-bulk w/o Nagle.  That's really
it.  If there are multiple bulk flows where it is not desirable for
one slow/stuck sink to cause all the other bulk flows to stop, then
you need a TCP connection per-bulk flow (or at least that one
possibly-slow flow).

But it's possible that we're talking about different thing.  One thing
is priority for server processing of requests.  Another is for proxies
-- here we have to start worrying about the multiplexing issues that
SSHv1 and SSHv2 have had, and since I think we ware talking about
proxies I keep coming back to these issues.

> Certain features require synchronization between control data and payload
> (e.g. server push).
> It is not possible to demux these without additional complexity from a
> protoco standpoint.

I don't see why.  Can you explain in more detail?

> From an implementation standpoint: I'm already running out of ephemeral port
> space. I *do Not* want to use more connections.

It's certainly what browsers do already, and have for many years.
What's the problem?

> From an implementation standpoint: It is often impossible to figure out that
> k connections belong to a single client at all loadbalancers without
> sacrificing orders of magnitude of performance. Orders of magnitude, not
> just a factor of X.

But I'm not saying you need to do that.  Nor am I implying it.

> There isn't even a guarantee that multiple connections will go to the same
> load balancer.

All that matters is that bulk traffic be on separate TCP connections
from non-bulk.  That's one bit in the request/response headers.

> Browsers have used multiple connections because of limitations in HTTP,
> which we're already solving with multiplexing.

I strongly suspect that you're not solving them.  It's not just "oh,
let's multiplex".  You need to watch out for the issues other
protocols that multiplex different flows on single TCP flows have had.
 You haven't demonstrated a grasp of those issues.

> The flow control is window-update based, however a receiver can indicate to
> a sender a value which effectively means: never limit yourself on flow
> control.

That's roughly what SSHv2 does.  It's a disaster.  If you don't
believe me, do at least go ask others who have experience in this.

Nico
--

v2.23.0 | Report a Bug | By Email