Re: [hybi] Multiple connections serialization and proxies

Jamie Lokier <jamie@shareable.org> Thu, 22 April 2010 23:05 UTC

Date: Fri, 23 Apr 2010 00:05:00 +0100
From: Jamie Lokier <jamie@shareable.org>
To: Christian Biesinger <cbiesinger@gmail.com>

Christian Biesinger wrote:
> Note that if you want websockets to be similar to HTTP, it should
> always use host names instead of IP addresses for connection limits.
> At least Firefox uses hostnames for HTTP's limit, I'm not quite sure
> on the other browsers.

I agree with this.  This HTTP client behaviour is useful, and
independent WebSocket service providers should not be penalised by
interference with unrelated services just because their hosting
provider decides to share IP addresses among different customers.

That way would put pointless pressure on the IP address space, the
opposite of what is achieved with HTTP by Host now.

That said, there is a case for a finite but higher connecting-state
concurrency limit per IP, to resist connection-setup DOS attacks where
a wildcard DNS is used by the attacker.  If implemented, this should
probably be coordinated with HTTP somehow, not a WebSocket-only feature.

-- Jamie
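
The two limits discussed in this message, sketched as an added example that is not part of the original post or of any browser's code: a per-hostname connection limit plus a higher per-IP cap that counts only connections still in the connecting state. The class name, the limit values (6 and 32) and the sample hostnames and address are assumptions.

```javascript
// Added illustration; names and limit values are assumptions, not from the thread.
class ConnectionGate {
  constructor({ perHost = 6, connectingPerIp = 32 } = {}) {
    this.perHost = perHost;
    this.connectingPerIp = connectingPerIp;
    this.byHost = new Map();         // hostname -> connecting + open count
    this.connectingByIp = new Map(); // ip -> count in connecting state only
  }

  // Called before opening a socket. Returns a ticket, or null (caller queues).
  tryBegin(host, ip) {
    host = host.toLowerCase();
    const h = this.byHost.get(host) || 0;
    const c = this.connectingByIp.get(ip) || 0;
    // Per-host limit covers all connections; per-IP limit only handshakes.
    if (h >= this.perHost || c >= this.connectingPerIp) return null;
    this.byHost.set(host, h + 1);
    this.connectingByIp.set(ip, c + 1);
    return { host, ip, state: "connecting" };
  }

  // Handshake finished: the connection no longer counts against the IP.
  established(t) {
    if (t.state !== "connecting") return;
    t.state = "open";
    this._dec(this.connectingByIp, t.ip);
  }

  // Connection closed, or handshake failed or timed out.
  end(t) {
    if (t.state === "closed") return;
    if (t.state === "connecting") this._dec(this.connectingByIp, t.ip);
    this._dec(this.byHost, t.host);
    t.state = "closed";
  }

  _dec(map, key) {
    const n = (map.get(key) || 0) - 1;
    if (n > 0) map.set(key, n); else map.delete(key);
  }
}

// Constructed scenario: n distinct wildcard names on one IP, none completing.
function simulateWildcard(gate, n, ip) {
  let admitted = 0;
  for (let i = 0; i < n; i++) {
    if (gate.tryBegin(`h${i}.wildcard.example`, ip)) admitted++;
  }
  return admitted;
}
```

Because established connections stop counting against the address, unrelated customers sharing one IP are limited only by their own hostnames, while a flood of distinct names on that IP stalls at the connecting-state cap.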