1 KeepLive Connections
Clients generally open a number of simultaneous TCP connections to a server and conduct keepalive transactions across them all. These connections are held open until either the client or the server decides they are no longer needed, generally as a result of an idle timeout.
Modern web browsers typically open 6 to 8 keepalive connections and hold them open for several minutes before timing them out.
https://www.nginx.com/blog/http-keepalives-and-web-performance/
But:
The approach above is designed to give the best possible performance for an individual client. Unfortunately, in a ‘tragedy of the commons’-like scenario, if all clients operate in this way, it can have a detrimental effect on the performance of many common web servers and web applications
理論上的KeepLive Connections來增進連線效能的做法, 是只針對只有一個Server只有服務一個連線者的情況來說 但是實際上, 卻不會這麼理想, 往往會有很大量的使用者同時連線到伺服器請求資料, 因此如果每個使用者的KeepLive Connections的機制上運作, 而一旦當KeepLive Connections的數量達到了Server可以同時處理的concurrency上限時 就會出現嚴重得效能缺陷, 其他得使用者就無法再和此伺服器建立連線, 而出現拒絕服務的情況發生
The reason is that many servers have a fixed concurrency limit. For example, in common configurations, the Apache server can only process 150 (with the worker multi-processing module [MPM]) or 256 (with the prefork MPM) concurrent TCP connections. Each idle HTTP keepalive connection consumes one of these concurrency slots, and once all of the slots are occupied, the server cannot accept any more HTTP connections.
由於此機制造成可以提供一個拒絕服務攻擊(denial-of-service attacks)的一個情況發生
The large number of concurrent client connections and the assignment of a thread or process to each connection produces the phenomenon known as “HTTP Heavy Lifting” – a disproportionately large effort is required to process a lightweight HTTP transaction.
因為每一個同時連線的客戶端在運作上伺服器都會分配一個thread or process去對應處理使用者的請求,一個TCP的連線是很輕量的作業系統物件,但是執行緒和處理程序卻是很耗資源的,因此就會照成一個現象“HTTP Heavy Lifting”, 就是分配不成比例的資源去處理一個輕量的HTTP的交易
What Does This Mean in Practice?
It does not take many clients to exhaust the concurrency limit in many contemporary web and application servers.
If a client opens 8 TCP connections, and keeps them alive for 15 seconds after they are needed, the client consumes 8 concurrency slots for 15 seconds. If clients arrive at your website at the rate of 1 per second, 120 concurrency slots are continually occupied by idle keepalive connections. If the rate is 2 clients per second, 240 concurrency slots are occupied. Once the slots are exhausted, clients can no longer connect until the current connections time out.
This can result in very uneven levels of service. Clients who successfully acquire a keepalive connection can browse your service at will. Clients who are locked out have to wait in a queue.
在實作上代表什麼意思呢?
對很多現在化的網站和應用程式伺服器來說,當它一當達到並行服務的限制且無法排除時,就無法服務很多的客戶端
假如一個客戶端打開了8個TCP的連線, 在他不需要使用它時將它保持了15秒, 代表他使用了8個並行處理的通道15秒, 一當 達到了1個使用者端在1秒有120個並行通道被保持連線使用的使用率, 或者是2個使用者端在1秒有240個並行通道被保持連線使用的使用率時, 其他的使用者就無法再對伺服器進行連線, 直到他們的保持連線過期
如此會導致服務品質的不平均, 成功取得保持連線的客戶端可以使用網站的服務, 但是其他的使用者就必須在等待的序列當中而無法存取網站的服務