You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
gRPC is a widely used on micro-services projects and it uses HTTP/2. Full HTTP/2 proxying (HTTP/2 connections to backed) must be implemented to work in content delivery and filtration network cases and gRPC proxying and load balancing.
There is not much sense in Huffman encoding for response headers, but it's different for requests, so Huffman encoding must be implemented. Keep in mind that not all the headers should be HPACKed. E.g. it seems Cookie - should neither be indexed nor Huffman encoded.
Avoiding headers variation probably makes sense - while the standard is sitll in draft we still can rebuild headers just like we do this for HTTP/2 -> HTTP/1.1 transition, of course if it makes sense from performance point of view.
We got rid of seq_queue in #309 and in this task we can get rid of nip_queue.
Depends
#769 - Full TLS proxying
Scope
gRPC is a widely used on micro-services projects and it uses HTTP/2. Full HTTP/2 proxying (HTTP/2 connections to backed) must be implemented to work in content delivery and filtration network cases and gRPC proxying and load balancing.
There is not much sense in Huffman encoding for response headers, but it's different for requests, so Huffman encoding must be implemented. Keep in mind that not all the headers should be HPACKed. E.g. it seems Cookie - should neither be indexed nor Huffman encoded.
Avoiding headers variation probably makes sense - while the standard is sitll in draft we still can rebuild headers just like we do this for HTTP/2 -> HTTP/1.1 transition, of course if it makes sense from performance point of view.
We got rid of
seq_queue
in #309 and in this task we can get rid ofnip_queue
.Security
Need special hooks for inspection logic for gRPC traffic, e.g. https://github.com/tempesta-tech/tempesta/wiki/HTTP-security#custom-character-sets . In general, fRPC traffic must be inspected just as HTTP.
Testing
The test must run gRPC client and server communication through Tempesta FW. Create a gRPC issue if some issues with gRPS are discovered by the test.
The text was updated successfully, but these errors were encountered: