On Wed, 6 Aug 2003, Rodney Green wrote:
> What do you mean by "serious problems" ? Any advice would be welcome.
If tuning the pconn_timeout parameter up makes a difference for an
application then the web server contacted is most likely broken and
assumes one TCP connection == one user.
This assumption is not true when users are going via a proxy as the HTTP
standard dictates that connections are a hop-by-hop transport mechanism
(i.e. browser<->proxy is one hop, proxy<->web server another), and each
hop should utilize already existing connections before opening new ones.
One noticeable impact of this (apart from significantly better
performance) is that servers will receive connections from multiple
different users on the same connection (only one request at a time
however). The reverse is also true where multiple requests sent on the
same connection by the user may be split on different connections by the
proxy.
If this application however works by one port per user then you should be
more or less safe as only this user will be hitting that port of the
server, at least unless some hacker user of yours guesses the port of
another user..
Regards
Henrik
Received on Wed Aug 06 2003 - 12:58:30 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:44 MST