Tim Düsterhus <t...@bastelstu.be> wrote: > Amaury, > Am 21.01.21 um 16:40 schrieb (Amaury Denoyelle): > > I have a question for you on the case of the proxy protocol. One of > > these special parameters to identify a connection is the content of the > > proxy protocol block. However, this breaks the following reg-tests : > > - proxy_protocol_send_unique_id.vtc (from commit > > cf6e0c8a836da211946fa637020e776286093633) > > What happens in the reg-test with my modification is that on the second > > client request, a new proxy protocol packet for connection comparison is > > generated with the header of the second request as unique id. It is > > identified that the previous connection cannot be reused (different > > unique id in proxy protocol), and thus a new connection is established. > > However, on the reg-tests, it is expected that the first connection is > > reused and thus no proxy protocol resend. > > What is your opinion on this ? On my side, I think the behavior of my > > implementation is less surprising, but if it is a real use-case, I do > > not want to break it without knowing it. > Sending unique IDs via PROXY v2 was implemented for TCP proxying. The > documentation already states that: > It can > lead to unexpected results in "mode http", because the > generated unique ID is also used for the first HTTP request > within a Keep-Alive connection. > So: > 1. No one should send unique IDs via PROXY v2 for HTTP traffic. There's > headers for that. > 2. It didn't make sense to actually prevent users from doing that. > 3. Preventing sharing for such connections does not actually *break* > anything, instead it just reduces performance. > 4. With the reduced performance we are back to (1): You really shouldn't > do this. > 5. The test was just to make sure it behaves somewhat sanely (i.e. does > not send entirely wrong information) for HTTP traffic. My intention was > not to test that Keep-Alive is possible. > So: Please go ahead with your modification, change the test to make sure > keep-alive does not happen and adjust the documentation as necessary.
Hi Tim, Thanks for your quick answer. I will continue my work and adjust the test and the doc. -- Amaury Denoyelle
