On 05.08.2010 05:45, Ryujiro Shibuya wrote:
Hi,
Can you tell if the OS Keep-alive feature should be expected to work on
forward proxy?
The mod_proxy of latest httpd 2.2 and trunk (2.3) has OS Keep-alive
(Keep-alive connection to origin server) feature, but it seems not working
when we configure the httpd as the forward proxy server.
If the client connection is kept alive, the proxy sends indeed "Connection:
Keep-alive" to the origin server but the proxy doesn't actually try to keep
the OS connection alive; it closes the OS connection immediately after
receiving the response.
The inconsistency between sending "Connection: Keep-alive" and immediate
connection closing looks like a defect (and I've just posted a bug report
49699). But apart from the inconsistency, I wonder if the OS Keep-alive of
mod_proxy is designed to work for the forward proxy in the first place.
OS Keepalive and HTTP Keepalive are two totally different things.
OS Keepalive: if a connection is open but idle for a long time
(configurable), then the OS automatically sends empty TCP packets over
the connection in OS dependent intervals.
HTTP Keepalive: Signalling via HTTP "Connection" header, whether the
connections is supposed to be kept open and eventually reused for
another HTTP request/response.
OS Keepalive does not imply HTTP Keepalive. For all reasonable
configurations (except possible server to server communication), HTTP
Keepalive timeout will be much shorter than the minimum idle time,
before OS Keepalive packets are send. So OS Keepalive for most HTTP
communications is not relevant.
And yes: the forward proxy does *not* do HTTP Keepalive. Technical
reason: the connections to the origin server are pooled and retrieved
from and returned to the pool for each request. A forward proxy usually
talks to many diferent origin servers. Keeping those connections open in
a naive way would lead to a lot of not well used pools. Assuming that
during one client connection the origin server often is used for
multiple requests this could be improved, but would bloat the already
complicated proxy code even more.
Regards,
Rainer
