Re: X-Forwarded-For and HTTP2

On 9/07/2015 6:21 a.m., Fedor Indutny wrote:
> It is not adding the XFF to every HEADERS frame that is costly,
> it is parsing the protocol itself. Most of the TLS terminators at the
> moment skip this stage and just do one client connection = one
> backend connection.
> With this in mind - adding parsing layer, and changing the frames
> on the fly is very costly.

In order to generate or receive frames (even the extension one you
mention) one must have a *frame* parser. That is different from and far
simpler than a frame payload parser.

As Mike pointed out appending non-indexed headers to the HEADERS frame
payload is almost cost-free. All that is needed is the basic frame
parser/receiver and ability to correctly update the frame payload-size
on altered frames. This is no more difficult than high speed TCP or IP
layer processing by any router today. The appended header bit can even
be a pre-generated binary blob which is fixed data per inbound connection.

Actually consuming the results or destructivly modifying existing header
contents is an HTTP level operation and there is no avoiding the full
HTTP processing stack for those. Thats business for a full HTTP agent
anyhow so no additional costs their either.


Received on Wednesday, 8 July 2015 22:36:23 UTC