[Devel] discussion of roadmap for 1.3

Henning Westerholt henning.westerholt at 1und1.de
Wed May 2 12:58:52 CEST 2007


On Monday 30 April 2007 12:09, Klaus Darilion wrote:
> I would like to see more feature for security/stability:
> - do not block during establishing new TCP/TLS connections

Hi,

does the current openser really blocks during TCP connection establishment? We 
plan to use TCP in the future, how critical affect this issue the actual 
performance?

> - do not try to establish TCP/TLS to clients behind NAT
> - possibility to drop final response if there is no matching transaction
> - do not block during DNS lookup

Eliminate blocking problems in the core should be important, i second this.

> I also thought how to make openser more responsive during high
> load/blocking - e.g. openser blocks because of DNS or DB problems. Then
> we get retransmissions, the input queues get full and openser collapses.
> I first idea would be a dedicated worked thread which handles this
> overload traffic - and only this overload traffic using a dedicated
> route, e.g.
>
> overload_route {
> 	append_to_reply("Retry-After: 300");
> 	sl_send_reply("500","Server busy");
> 	exit;
> }
>
> If all the worker threads are blocked for some time (e.g. >100 ms), then
> the scheduler start giving the incoming requests to the overload thread
> until the worker threads become idle again.

Sounds good, but the current architecture is not multithreaded, and it seems 
there exist some resistance regarding threads. 
I sumitted some time ago a patch for the mysql module that uses a similar 
approach.

Cheers,

Henning



More information about the Devel mailing list