httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Fee <>
Subject Re: OS Keep-alive on forward proxy
Date Thu, 05 Aug 2010 09:17:35 GMT
Rainer Jung wrote:


> And yes: the forward proxy does *not* do HTTP Keepalive. Technical
> reason: the connections to the origin server are pooled and retrieved
> from and returned to the pool for each request. A forward proxy usually
> talks to many diferent origin servers. Keeping those connections open in
> a naive way would lead to a lot of not well used pools. Assuming that
> during one client connection the origin server often is used for
> multiple requests this could be improved, but would bloat the already
> complicated proxy code even more.

Has mod_proxy operated in that way for a while now?  I gained most of my 
experience with mod_proxy using Apache 2.0.X.  My understanding was that 
proxy to OS connections were tightly coupled to the client to proxy 
connection.  There was a deliberate decision not to reuse proxy->OS 
connections for requests coming from other client->proxy connections as this 
may be a security risk.

The OS may attribute authorization to a connection and a subsequent request 
on this persistent connection could inherit these attributes.  Each HTTP 
request *should* be stateless and hence the next request on the same socket 
should be independent, but there was the risk that a remote (non-Apache) 
origin server may not work that way.  If the proxy->OS connection is pooled 
and reused by a different client->proxy request, does that risk confusing an 
origin server that expects all requests on the same connection to come from 
the same client?

... or have I misunderstood your description?


View raw message