Comments (6)
krizhanovsky
commented on May 18, 2024
See also implementation of simalr functionality in HAProxy.
The Cookies functionality required for intelligent users blocking and load balancing.
from tempesta.
keshonok
commented on May 18, 2024
This issue depends on successful resolution of #47.
from tempesta.
krizhanovsky
commented on May 18, 2024
Depending on the configuration Tempesta must be able to forward to do following (the feature should have configuration option to enable/disable the logic below):
- if client request hasn't our cookie, then reply to the client w/ 302 status code and the new cookie value
- the cookie should be calculated as <timestamp,HMAC(secret, timestamp, User-Agent, ClientIP)>, where is configured value or random number calculated on the system startup
- if a request has the cookie, then forward the request to backend
Timestamp must be stored in the client session.
Thus, with the feature enabled backend server behind Tempesta should receive requests only with the sticky cookies.
from tempesta.
vdmit11
commented on May 18, 2024
A possible bug:
The issue #5 states the requirement:
by list of statically specified URL, Host or backed IP addresses (i.e. each backend server must have it's own list of URLs and/or Host values (or IP addresses instead of DNS names) by which are sent to it)
But if the sticky cookie is enabled and we are routing all HTTP requests to the same server, then we can violate the list of Host/URI rules easily. That sounds like a bug.
Domain-specific and path-specific cookies could solve the issue, but the problem is the current implementation of tfw_sched_http supports extended rules: it allows to specify any header field and choose a comparison function. Cookies can't handle that.
Perhaps the simplest solution is to use domain-specific/path-specific cookies, but drop the support of "extended" rules. The issue #76 implies that the tfw_sched_http should be re-designed to support large sets of rules, so we have to implement an efficient search by URI/host and therefore drop the list-based implementation of these "extended" rules anyway.
from tempesta.
krizhanovsky
commented on May 18, 2024
But if the sticky cookie is enabled and we are routing all HTTP requests to the same server, then we can violate the list of Host/URI rules easily. That sounds like a bug.
These are different scheduling algorithms. Current issue doesn't require any scheduling adjustments. Only its possible applications for scheduling was mentioned.
from tempesta.
krizhanovsky
commented on May 18, 2024
Merged to master.
from tempesta.
Related Issues (20)
- Implement checking that listen sockets from Tempesta FW configuration is not used HOT 1
- Kernel BUG at fw/apm.c:1089
- JA3 hash computation and filtration
- Kernel BUG after stress test on MTU 80 HOT 2
- Deadlock on Tempesta shutdown HOT 1
- Prohibit DELETE method in default configuration
- Kernel BUG under MTU 80 HOT 4
- Warning: `fw/cache.c:2073` `tfw_cache_copy_resp()`
- Add / set header vs vhost inheritance mess
- kernel BUG at `tfw_http_send_err_resp` HOT 2
- Integrate comprehensive monitoring solution.
- disallow some characters for `custom character sets`
- Crash while stopping the module under load
- Socket cpu migration
- duplicate value for `Content_Encoding` header in http2 request HOT 2
- frang: `concurrent_tcp_connections` - the connection counter works incorrectly
- Extra calls of `tfw_classify_conn_estab` HOT 2
- [RESEARCH] High memory consumption after frang configuration HOT 3
- http_hdr_cnt vhost overriding
- Implement ability to send js challenge according custom rules HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tempesta.