IETF Logo Mail Archive

Re: [hybi] New port and Tunneling?

Willy Tarreau <w@1wt.eu> Mon, 16 August 2010 19:15 UTC

Return-Path: <w@1wt.eu>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 901923A68AC for <hybi@core3.amsl.com>; Mon, 16 Aug 2010 12:15:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.787
X-Spam-Level:
X-Spam-Status: No, score=-2.787 tagged_above=-999 required=5 tests=[AWL=-0.744, BAYES_00=-2.599, HELO_IS_SMALL6=0.556]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RzeDfe+Ygupq for <hybi@core3.amsl.com>; Mon, 16 Aug 2010 12:15:23 -0700 (PDT)
Received: from 1wt.eu (1wt.eu [62.212.114.60]) by core3.amsl.com (Postfix) with ESMTP id 5D5EE3A6A47 for <hybi@ietf.org>; Mon, 16 Aug 2010 12:15:21 -0700 (PDT)
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id o7GJFmbC002782; Mon, 16 Aug 2010 21:15:48 +0200
Date: Mon, 16 Aug 2010 21:15:48 +0200
From: Willy Tarreau <w@1wt.eu>
To: Greg Wilkins <gregw@webtide.com>
Message-ID: <20100816191548.GB2690@1wt.eu>
References: <52530df7491f03990cbfffd3eb49bcb6.squirrel@sm.webmail.pair.com> <AANLkTi==qsBWRDhxten+fV91bYiBhJ_vhSoqPNpsp3Pb@mail.gmail.com> <28d4e6c08e65e43899d59478e332a8aa.squirrel@sm.webmail.pair.com> <AANLkTikCKFCCWue5xqGhNssUSCuf_uEQyuCoW9GGH2N5@mail.gmail.com> <f5eacee9dece3b4feb6ebcd017bd5977.squirrel@sm.webmail.pair.com> <AANLkTikMY0CHSqvQU9uRHiDrmotQDP1dtWwkiLAOYr=9@mail.gmail.com> <20100816051831.GN27614@1wt.eu> <AANLkTi==Tf2zzNeP9jaRzuw7P+dnbsqhkVF046rk0k3S@mail.gmail.com> <20100816060333.GP27614@1wt.eu> <AANLkTin8mv9dsjmamd3OLJRY96oPMC_sLTLtgEbmWfT-@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AANLkTin8mv9dsjmamd3OLJRY96oPMC_sLTLtgEbmWfT-@mail.gmail.com>
User-Agent: Mutt/1.4.2.3i
Cc: hybi@ietf.org
Subject: Re: [hybi] New port and Tunneling?
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Aug 2010 19:15:24 -0000

Hi Greg,

On Mon, Aug 16, 2010 at 05:43:13PM +1000, Greg Wilkins wrote:
(...)
> Thus it is likely that websocket handshake will be tried and if it is
> not supported by the network infrastructure, then the upgrade header
> will not be passed on or the server will not send a 101.  This leaves
> a perfectly valid HTTP connection that could be used for BOSH/Comet.

In fact, not from my observations for a simple reason : the intermediaries
I've seen failing on 101 always abruptly closed the connection. But that
does not preclude that the connection will never be usable, just that in
some (most?) situations, the connection will have to be reopened.

> > Now that you're talking about it, I now remember why we suggested the close
> > on the server side too. Last week I told Ian I forgot the reason. It was
> > precisely for that : ensure the proxy won't process the next request without
> > blocking it at the request level. Basically, if the server sends a close but
> > not the client, then the proxy will not try to process the second request,
> > even if it does not understand the Upgrade. This will result in a faster
> > fail.
> 
> I'm not following exactly.  However I find it unlikely that an
> intermediary that does not correctly handle the connection header for
> upgrades would correctly handle it for close.

The connection header (I mean "connection: close") has been used for at
least 10 years and is really mandatory to get HTTP messaging right. The
Upgrade header has only been referred to in the RFC2817 and was not as
much used. I *believe* it is also used by some remote desktop protocols
that start as HTTP and switch to their own protocol, though I can't
verify it.

And most of the components I've seen don't support Upgrade yet while
they've been supporting "connection: close" for ages.

(...)
> >> Adding a simple checksum to
> >> the framing would also quickly detect most varieties of intermediaries
> >> not acting as pure tunnels.
> >
> > Possibly, but if we're worried about them, then we should as well support
> > acknowledgements, because when connections are cut on timeout, you never
> > know what part has correctly been forwarded. But doing all this will result
> > in a more complex protocol. Probably that the checksum could be added later
> > as an extension in the frames if needed.
> 
> If you have ping/pong, then you effectively can have acknowledged delivery.
> Send a message, send a ping, when you get the pong you know the
> message has been delivered.

That's a very smart idea. Simple and efficient. Can be used as an explicit
ACK when needed and does not require more round trips at all !

Regards,
Willy

v2.23.0 | Report a Bug | By Email