Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mention connection coalescing #69

Open
bagder opened this issue Sep 28, 2015 · 6 comments
Open

mention connection coalescing #69

bagder opened this issue Sep 28, 2015 · 6 comments

Comments

@bagder
Copy link
Owner

bagder commented Sep 28, 2015

Since it may have an impact and reduce connections even more than just the single TCP connection per host.
@gaperik
Copy link

gaperik commented Apr 11, 2016

+1
Issue still and possibly more relevant now. How do UA's typically plan to coalesce connections? Will they behave in a similar fashion? Even coalesce different security origins at some point?

@bagder
Copy link
Owner Author

bagder commented Apr 11, 2016

They coalesce based on the server cert and IP address used. Simply put: if you have multiple sites covered by overlapping IP address and they share SANs in the cert, they may be coalesced...

@gaperik
Copy link

gaperik commented Apr 11, 2016

Tnx! And this is true for H2 and related http extensions including Alt Svc
I presume?
So in the case of two different secure origins (w3c webappsec meaning)
share the same SAN, the browser UA may mix the respective h2 frames on the
same TLS/QUIC connection? Meaning if both origins use the same CDN, then
said CDN may in certain circumstances allow the UA to coalesce the https://
streams onto the same connection (same IP address and SAN)?

2016-04-11 22:37 GMT+02:00 Daniel Stenberg notifications@github.com:

They coalesce based on the server cert and IP address used. Simply put: if
you have multiple sites covered by overlapping IP address and they share
SANs in the cert, they may be coalesced...


You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#69 (comment)

@bagder
Copy link
Owner Author

bagder commented Apr 11, 2016

And this is true for H2 and related http extensions including Alt Svc I presume?

Correct.

if both origins use the same CDN, then said CDN may in certain circumstances allow the UA to coalesce the https:// streams onto the same connection (same IP address and SAN)?

Correct again!

That's also how HTTP/2 capable browsers can "unshard" sharded sites. (But don't add QUIC to the mix that easily, as that's UDP based so it doesn't have connections in the same way and I've not kept up with the specifics in that protocol so I can't vouch for exactly how coalescing works (or not) there.)

@ab77
Copy link

ab77 commented Apr 20, 2018

For completeness, it is probably worth mentioning an edge case when there is a transparent TLS proxy between the client and the server (e.g sniproxy), whereby H2 requests may get proxied to the wrong host under the above circumstances.

@bagder
Copy link
Owner Author

bagder commented Apr 20, 2018
edited

I'm not convinced mentioning transparent middle-things ruining traffic actually helps anyone.

I blogged about how browsers do HTTP/2 coalescing back in 2016 but I never turned that into contents for this book.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bagder @ab77 @gaperik