[squid-dev] [PATCH] risky_server_pconn_reuse option
Amos Jeffries
squid3 at treenet.co.nz
Mon Mar 7 14:20:10 UTC 2016
On 8/03/2016 12:26 a.m., Eduard Bagdasaryan wrote:
> Hello,
>
> This patch introduces a new ACL-driven " risky_server_pconn_reuse" option.
> This option provides fine-grained control over persistent connection
> reuse when forwarding HTTP requests that Squid cannot retry. It is useful
> in environments where opening new connections is very expensive
> (e.g., all connections are secured with TLS with complex client and server
> certificate validation) and race conditions associated with persistent
> connections are very rare and/or only cause minor problems.
>
> Example:
> acl SpeedIsWorthTheRisk method POST
> risky_server_pconn_reuse allow SpeedIsWorthTheRisk
>
* To fit with the rest of the directives this should be called
server_pconn_for_nonretriable.
* This is not a RFC violation, so you dont need to wrap any of its code
in USE_HTTP_VIOLATIONS.
The current Squid behaviour was just a hack Alex added years back to
prevent the old behaviour this is trying to selectively re-enable now.
Since it was causing so many client-visible error messages when we first
moved to HTTP/1.1 defaults.
* What the risk is should probaly be noted in the documentation; That
the requests it enables to re-use pconn can result in 500 errors
reaching clients/users eyes if there are any network delivery issues, or
the server closes its connection while the request is still bufferd by TCP.
* only indent cf.data.pre text with 1 tab, not 2.
Amos
More information about the squid-dev
mailing list