httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Ruggeri <>
Subject Re: svn commit: r1389575 - /httpd/httpd/trunk/CHANGES
Date Tue, 25 Sep 2012 22:22:07 GMT
On 9/25/2012 6:45 AM, Jim Jagielski wrote:
> The long-term intent for the above is to support a new load
> balancer provider, which uses the response header info
> from the backend for its balancing calculations. It would
> be great if we could define some sort of "universal"
> (unofficial but commonly used) header and format so that
> httpd could balancer other backends...
> Thoughts? Suggestions?

This has long been a thought of mine as well. I support the idea, but
there are some landmines in that field. FWIW, in my environment one
could easily write a simple servlet filter to sit in front of J2EE
containers to provide this info. Agreed, no "standard" header exists but
I dare say that if one is chosen, it'd be great for the format to be
well communicated and shared for many backend providers.

On the flip side, giving this information out in http headers could be
dangerous. Taking httpd out of the equation, this has pretty wide
implications. Depending on how the calculations are communicated, one
may be able to determine how effective a denial of service attack is
based on the numbers returned by the server. If the end user has a way
to influence the load balancer and pick the backend, they could
systematically target each backend (with realtime feedback) and take one
out at a time. Sure, httpd could drop this header before replying to the
client, but I foresee a huge lack adoption because httpd isn't the only
webserver in the world (it's just the best).

First crack at a header proposal?
A response header named X-Load-Factor which contains an integer from 0
to a mutually agreed upon integer (0 to 100 for example). The higher the
number, the more load the server advertises it would like to handle.
Servers are given the freedom to choose how they calculate the value of
the header. An upstream loadbalancer or proxy would therefore direct
traffic to the backend that advertises the highest load factor or fall
back to a different load algorithm should two backends advertise the
same load factor. In the event all backends do not have the header, the
fallback load algorithm is used. In the event one backend does not
return the X-Load-Factor header, its practical load factor becomes 0.

Daniel Ruggeri

View raw message