W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

Re: GOAWAY and proxies (#458)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 2 May 2014 11:31:54 -0700
Message-ID: <CABkgnnXEjRj6J08ik4bsxcGpibhx_sC4w_Awfyj9a319L2SYPw@mail.gmail.com>
To: Daniel Sommermann <dcsommer@fb.com>
Cc: William Chan (ι™ˆζ™Ίζ˜Œ) <willchan@chromium.org>, HTTP Working Group <ietf-http-wg@w3.org>
On 2 May 2014 10:42, Daniel Sommermann <dcsommer@fb.com> wrote:
> Now that Martin has clarified the possibility of receiving multiple GOAWAYs
> in the text
> (https://github.com/http2/http2-spec/commit/d00b4f82001305a5d01e810a7b45140223cb2d08),
> I have submitted https://github.com/http2/http2-spec/pull/475/files to make
> the graceful shutdown mechanism explicit in the spec. I'd be happy to get
> hear feedback on this proposed change.


So that I can discuss this:

+          There is an inherent race condition when proxying from a
HTTP/1.1 client to a HTTP/2
+          server and the server goes down for maintenance. Since some
in-flight client requests may
+          be unacknowledged by the server GOAWAY and there is no way
to retry these requests,
+          servers SHOULD implement a two phase shutdown for
maintenance. In the first phase, the
+          server sends a GOAWAY with NO_ERROR and a last stream id
equal to 2^31 - 1. After at
+          least 1/2 RTT elapses, the server sends a second GOAWAY
with NO_ERROR and the last stream
+          id it actually accepted.

I think that this is a problem with intermediation in general.  And
there may even be some clients that are unable to retry for other
reasons (intermediaries aren't the only entities that attempt to
minimize their state commitment).

Half an RTT is definitely not enough.  From the server perspective it
needs to be >1RTT.

Maybe:

A client that is unable to retry requests loses all requests that are
in flight when a server closes
down a connection.  This is especially true for intermediaries that
might not be serving clients
using HTTP/2.  If the server is attempting to gracefully shut down a
connection, it can send an
initial GOAWAY frame with the last frame identifier set to
2<x:sup>31</x:sup>-1 and a
<x:ref>NO_ERROR</x:ref> code.  This signals to the client that a
shutdown is imminent and that no
further requests can be initiated.  The server can then wait at least
a round trip time to allow for
requests that the client sent prior to receiving the GOAWAY frame
before sending another GOAWAY
frame with an updated last stream identifier.  This ensures that a
connection can be cleanly shut
down without losing requests.
Received on Friday, 2 May 2014 18:32:22 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:30 UTC