> -----Original Message----- > From: Paul Fee > Sent: Donnerstag, 5. August 2010 11:18 > To: dev@httpd.apache.org > Subject: Re: OS Keep-alive on forward proxy > > Rainer Jung wrote: > > <snip> > > > And yes: the forward proxy does *not* do HTTP Keepalive. Technical > > reason: the connections to the origin server are pooled and > retrieved > > from and returned to the pool for each request. A forward > proxy usually > > talks to many diferent origin servers. Keeping those > connections open in > > a naive way would lead to a lot of not well used pools. > Assuming that > > during one client connection the origin server often is used for > > multiple requests this could be improved, but would bloat > the already > > complicated proxy code even more. > > Has mod_proxy operated in that way for a while now? I gained
Since 2.2. > most of my > experience with mod_proxy using Apache 2.0.X. My > understanding was that > proxy to OS connections were tightly coupled to the client to proxy That was true in 2.0.x yes. > connection. There was a deliberate decision not to reuse proxy->OS > connections for requests coming from other client->proxy > connections as this > may be a security risk. > > The OS may attribute authorization to a connection and a > subsequent request > on this persistent connection could inherit these attributes. > Each HTTP > request *should* be stateless and hence the next request on > the same socket > should be independent, but there was the risk that a remote > (non-Apache) > origin server may not work that way. If the proxy->OS > connection is pooled > and reused by a different client->proxy request, does that > risk confusing an > origin server that expects all requests on the same > connection to come from > the same client? It would be a bug in this server to expect them to origin from the same client as you correctly state that HTTP is a stateless protocol. Nevertheless you can turn off connection pooling in the case you are dealing with a faulty origin server. Regards Rüdiger