You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Masaori Koshiba (JIRA)" <ji...@apache.org> on 2015/12/18 05:56:46 UTC

[jira] [Updated] (TS-4087) H2 flexible resource limitation

     [ https://issues.apache.org/jira/browse/TS-4087?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Masaori Koshiba updated TS-4087:
--------------------------------
    Fix Version/s: 6.2.0

> H2 flexible resource limitation
> -------------------------------
>
>                 Key: TS-4087
>                 URL: https://issues.apache.org/jira/browse/TS-4087
>             Project: Traffic Server
>          Issue Type: New Feature
>          Components: HTTP/2
>            Reporter: Ryo Okubo
>             Fix For: 6.2.0
>
>
> Current H2 implementation depends on FetchSM and PluginVC to forward requests. But their memory footprint is very high. It may be vulnerable to DoS attack.
> As simple ways to avoid the problem, we can use two limitations, _proxy.config.net.connections_throttle_ and _proxy.config.http2.max_concurrent_streams_in_. But reducing number of _proxy.config.net.connections_throttle_ causes that number of acceptable HTTP/1.1 requests become lower. And reducing _proxy.config.http2.max_concurrent_streams_in_ restricts benefits of H2.
> I'd like to propose more flexible resource limitation for current H2 impl based on number of active H2 streams. Its adding an upper limit of active H2 streams. If tis exceeded, ATS send low number of SETTINGS_MAX_CONCURRENT_STREAMS to clients and/or RST_STREAM frame.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)