2010/11/29 marius zbihlei marius.zbihlei@1and1.ro:
AFAIR using raw sockets checking ICMP notifications would be possible (not yet implemented, but possible as I remember from a thread with Andrei).
Possible, but not easily implementable, as ICMP Host unreachable are sent asynchronously from the kernel. Also the current sendto() call does not guarantee delivery on all Unixes (Linux should be fine), connected UDP sockets are to be used instead.
IMHO this would be very useful because if a UDP port is unreachable and there is a ICMP notification about it, the proxy should generate an internal 503 (transport error) rather than a 408 (fr_timer timeout).
Well, this means that we should disable dns_failover (or equivalents) completely and handle ICMP errors in failure_route blocks(just test if the transaction issued a 503).
Humm, I expect that when discovering the destination (DNS SRV) N branches should be generated in serial forking fashion in case there are various priorities in the received response, am I wrong?
If I recall RFC 3263 , this would mean another server discovery (as the new request generates a new transaction) so again there is the possibility that the broken host is selected. If we use this dns fallback(IMHO this is a nice feature- I personally rely on this) how do we decide to generate a 503 ?
503 should be the final winning response in case all the branches fail.
If the host is already a IP address, that it would be ok to send a 503, as no DNS failover is possible.
Yes.
Ideas?
I think that what I've proposed in this mail requires a big change, so... not sure if it's feasible right now.