[Varnish] #402: send_timeout cause connections to be prematurely closed
Varnish
varnish-bugs at projects.linpro.no
Mon Nov 16 10:54:26 CET 2009
#402: send_timeout cause connections to be prematurely closed
--------------------------------------+-------------------------------------
Reporter: havardf | Owner: phk
Type: defect | Status: closed
Priority: normal | Milestone:
Component: varnishd | Version: 2.0
Severity: normal | Resolution: worksforme
Keywords: send_timeout connections |
--------------------------------------+-------------------------------------
Changes (by phk):
* status: new => closed
* resolution: => worksforme
Comment:
Your test is not valid, because SO_SNDTIMEO works on a per-packet basis.
20 bytes per second, will only amount to 400 bytes in 20 seconds, and 400
bytes is below the payload in the 576 byte minimum MTU, so the timeout
should fire.
If I run wget with --limit-rate=20 (on FreeBSD), the initial Tcp packet
has only 512 bytes (slow-start ?) and the test fails because wget does not
reopen the TCP window within 20 seconds.
If I increase --limit-rate to 40, the connection does not get cut off,
because a packet of data is transferred more often than 20 seconds.
The intent behind send_timeout, is to prevent a client from holding a
worker thread hostage, due to bugs, malicious intent or network trouble,
and for all I can see, it works as it should.
Try for instance to fetch a multi-MB file with wget and --limit-rate=1000
and then CTRL-Z the wget. After send_timeout, the connection is broken,
as it should be.
It can be argued that different behaviours should be implemented,
depending on the client sending TCP-ACKS with shut window or the client
not responding at all, but this is not possible within the POSIX
definition of the socket API, and would likely just change DoS attacks
sematics accordingly.
Poul-Henning
--
Ticket URL: <http://varnish.projects.linpro.no/ticket/402#comment:2>
Varnish <http://varnish.projects.linpro.no/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list