OT: limit number of connections from browser to my server?
jmp
jeanmichel at sequans.com
Mon May 16 13:26:36 EDT 2016
On 05/16/2016 06:06 PM, Grant Edwards wrote:
> This is not Python specific, though I'm turning to Python to do some
> experimentation and to try to prototype a solution.
>
> Is there any way to limit the number of connections a browser uses to
> download a web page? Browser writers seems to assume that all https
> servers are massively parallel server farms with hardware crypto
> support.
>
> So, when a browser wants to load a page that has the main html file, a
> css file, a javascript library or two, and a few icons and background
> bitmaps, they browser opens up a half-dozen SSL connections in
> parallel.
>
> That's fine when the server is Facebook's server farm.
>
> But when it's a small embedded device running at 40MHz with a
> single-threaded web server and software crypto, it turns a 2-second
> page load time into a 15-second page load time.
>
> When we first added https support years ago, this wasn't a problem. A
> browser would open _an_ SSL connection (handshake time around 2
> seconds), and then send mutliple HTTP requests over that connection to
> grab a half-dozen files. Each HTTP request would take a few tens of
> milliseconds, and life was good.
>
> Now that 2-second page load takes up to 10-15 seconds because of all
> the SSL connection setup overhead involved in handling a half-dozen
> "parallel" connections.
>
> I was _hoping_ there was an HTTP header or HTML meta tag that could be
> used to smack the browser with a clue bat, but there doesn't seem to
> be. [Please tell me I'm wrong...]
>
> Some browsers used to have a global "max parallel connections" setting
> that the user could control, but a) that seems to be gone from recent
> versions of browsers I've looked at, and b) we can't ask customers to
> change that setting just for the benefit of our devices.
>
> So now I'm going to set up a simple Python HTTP server to try some
> other approaches:
>
> 1) Only allow the listening socket to accept 1 connection at a time.
>
> 2) Accept the TCP connection, but don't allow the SSL handshaking to
> start on the "extra" connections.
>
> 3) ???
>
> 4) Profits!
>
> Any ideas?
>
Have you considered upgrading the device with a recent CPU ? Or is it
completely out of the picture ?
Depending on what you are selling, it may be actually cheaper than
spending time trying to make it work.
You could also "externalize" the web service, a 35$ raspberry pi would
do it. Of course I do realize that everything I said may not make any
sense, we'd need to know a little bit more about the "device". If 35$
double the price, that may not be a good idea.
That being said, your first idea seems also a good lead, have your
server refuse more than one connection.
jm
More information about the Python-list
mailing list