From: Drew Northup <n1xim.email@gmail.com>
To: "Shawn O. Pearce" <spearce@spearce.org>
Cc: Junio C Hamano <gitster@pobox.com>, Jeff King <peff@peff.net>,
git@vger.kernel.org
Subject: Re: [PATCH] Retry HTTP requests on SSL connect failures
Date: Mon, 1 Oct 2012 20:14:35 -0400 [thread overview]
Message-ID: <CAM9Z-nkSio-fXPAw_qaZsPhT-DHjn+AOOfZMXQYFCmeQAs+cJA@mail.gmail.com> (raw)
In-Reply-To: <1349126586-755-1-git-send-email-spearce@spearce.org>
On Mon, Oct 1, 2012 at 5:23 PM, Shawn O. Pearce <spearce@spearce.org> wrote:
> From: "Shawn O. Pearce" <spearce@spearce.org>
>
> When libcurl fails to connect to an SSL server always retry the
> request once. Since the connection failed before the HTTP headers
> can be sent, no data has exchanged hands, so the remote side has
> not learned of the request and will not perform it twice.
>
> In the wild we have seen git-remote-https fail to connect to
> some load-balanced SSL servers sporadically, while modern popular
> browsers (e.g. Firefox and Chromium) have no trouble with the same
> server pool.
>
> Lets assume the site operators (Hi Google!) have a clue and are
> doing everything they already can to ensure secure, successful
> SSL connections from a wide range of HTTP clients. Implementing a
> single level of retry in the client can make it more robust against
> transient failure modes.
Ok, this begs for some background info...
@Dayjob one of the many things I do is mange our load balancers
(redundant pair in our case). If the attempted SSL connections in one
"bin" (time-slot) exceeds the licensed size of that "bin" then the
excess attempts are just "dropped on the floor." Normal web browsers
detect this initial failure and try again. This may be implemented
internally—I haven't checked.
Google, as I am sure you are well aware, doesn't rely upon a
traditional L2/L3 network level load balancing architecture.
Therefore, I would not attempt to argue that the results that apply to
their systems would apply much of anywhere else. (They have done
presentations publicly, which are archived on the 'net, about how they
do things.)
--
-Drew Northup
--------------------------------------------------------------
"As opposed to vegetable or mineral error?"
-John Pescatore, SANS NewsBites Vol. 12 Num. 59
next prev parent reply other threads:[~2012-10-02 1:05 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-20 2:55 [PATCH] Disable dumb HTTP fallback with GIT_CURL_FALLBACK=0 Shawn O. Pearce
2012-09-20 3:22 ` Shawn Pearce
2012-09-20 3:52 ` Jeff King
2012-09-20 3:48 ` Jeff King
2012-09-20 5:57 ` Shawn Pearce
2012-09-20 5:58 ` [PATCH] Revert "retry request without query when info/refs?query fails" Shawn O. Pearce
2012-09-20 6:29 ` Junio C Hamano
2012-09-20 6:31 ` Junio C Hamano
2012-09-20 16:24 ` Jeff King
2012-09-20 16:59 ` [PATCH 0/2] smart http toggle switch fails" Jeff King
2012-09-20 17:00 ` [PATCH 1/2] remote-curl: rename is_http variable Jeff King
2012-09-20 17:05 ` [PATCH 2/2] remote-curl: let users turn off smart http Jeff King
2012-09-20 17:53 ` Junio C Hamano
2012-09-20 18:12 ` Jeff King
2012-09-20 18:36 ` Junio C Hamano
2012-09-20 20:51 ` Jeff King
2012-09-20 21:15 ` Junio C Hamano
2012-09-20 21:30 ` Jeff King
2012-09-21 17:34 ` Junio C Hamano
2012-09-21 17:41 ` Jeff King
2012-09-20 17:24 ` [PATCH] Disable dumb HTTP fallback with GIT_CURL_FALLBACK=0 Jeff King
2012-09-20 23:05 ` Shawn Pearce
2012-09-21 5:26 ` Jeff King
2012-09-21 14:19 ` Shawn Pearce
2012-10-01 21:23 ` [PATCH] Retry HTTP requests on SSL connect failures Shawn O. Pearce
2012-10-01 21:47 ` Junio C Hamano
2012-10-01 21:53 ` Junio C Hamano
2012-10-01 22:23 ` Jeff King
2012-10-01 23:20 ` Junio C Hamano
2012-10-01 22:18 ` Jeff King
2012-10-02 2:38 ` Shawn Pearce
2012-10-02 13:57 ` Drew Northup
2012-10-02 0:14 ` Drew Northup [this message]
2012-09-20 4:14 ` Re* [PATCH] Disable dumb HTTP fallback with GIT_CURL_FALLBACK=0 Junio C Hamano
2012-09-20 4:14 ` [PATCH 1/2] Disable dumb HTTP fallback with GIT_DUMB_HTTP_FALLBACK=false Junio C Hamano
2012-09-20 4:14 ` [PATCH 2/2] remote-curl: make dumb-http fallback configurable per URL Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAM9Z-nkSio-fXPAw_qaZsPhT-DHjn+AOOfZMXQYFCmeQAs+cJA@mail.gmail.com \
--to=n1xim.email@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
--cc=spearce@spearce.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).