I am writing a FastCGI application interface library in C#/Mono, running on a plain-'ol Linux box (Vagrant and/or EC2), using Nginx as the web server. I am trying to make my implementation comply with the FastCGI 1.0 spec. As such I am prepared to receive a FCGI_GET_VALUES record, and respond with FCGI_GET_VALUES_RESULT. However, my experience is that Nginx FastCGI is not sending this. So, the questions I am trying to answer:
(1) OK, the web server's not required to send FCGI_GET_VALUES, it's optional. So, has it fallen out of use? Do other FastCGI server implementations still use this or not? Is there a way to configure Nginx FastCGI to enable it?
(2) Three defined config values go back to the web server in the FCGI_GET_VALUES_RESULT record: max concurrent transport connections the app will accept; max concurrent requests the app will accept; whether the app multiplexes connections. Lacking FCGI_GET_VALUES, what alternative methods, if any, exist to communicate or configure Nginx's FastCGI module with such settings?
1) I recently went on a search for an open source web server with support for FastCGI management messages. I skimmed the source code of several very quickly, including nginx. The only one that looked like it had code to send FCGI_GET_VALUES was OpenLiteSpeed. I didn't get round to testing it before giving up on FastCGI I'm afraid, and it didn't look like it actually paid any attention to the values it received.
2) I'll cover what I know about each parameter individually:
FCGI_MAX_CONNS: Don't think there's any way to directly specify this in nginx. Maybe you could do something with http://nginx.org/en/docs/http/ngx_http_limit_conn_module.html
OpenLiteSpeed has an option to limit the number of connections to a fastcgi server.
FCGI_MPXS_CONNS and FCGI_MAX_REQS: nginx doesn't support multiplexing FastCGI over a single connection. I couldn't find a web server that did.
For reference, I skimmed through the source code of these web servers, and none of them look like they send FCGI_GET_VALUES:
apache2 (mod_fastcgi, mod_fcgi, mod_proxy_fcgi), caudium, monkey, hiawatha, jetty, lighttpd, nginx, cherokee
Some of them did process FCGI_GET_VALUES_RESULT though.
Related
I have an ASP.Net Core 2.2 Web API targeting .NET framework 4.7.2 running under IIS, Out of Process. I am seeing a lot of outgoing network issues. The app connects to various things (SQL databases, SSAS via XMLA etc.) and I am seeing across the board network failures to connect to various resources. At first I thought it was SQL connections only but it appears to be network in general. I get some sort of failure very regularly, around 1 in 10 requests. I have this in web.config:
<system.net>
<connectionManagement>
<add address="*" maxconnection="65535"/>
</connectionManagement>
</system.net>
and this in Startup.cs:
ServicePointManager.DefaultConnectionLimit = int.MaxValue;
However, it's not just HTTP connections that are failing, it's mostly SQL, SSAS, general TCP.
The failures are things like SQL error 26, unable to connect and similar for other non-SQL network resources. It is intermittent, there is hardly any load on the box at all. It seems to happen when API calls are made back to back perhaps.
I don't think it's a general network (router/switch) issue as I can set up, for example, a scripted console SQL connect/select/teardown to one of the remote services showing connect failures from the app and this never fails, even in a repeating loop running at the same time as I see errors in the app connecting to the same DB.
There must be some TCP/network tuning I am missing and would be grateful for any suggestions.
You have a very unusual issue. The reason to use large packets sizes is when you have a very small number of errors the more data you send the more errors you will get. But the error rate should be constant. You will always get errors. But in this case the error are not constant. The only start when data is split into more than one packet which occurs when you send data larger than 1500 bytes.
You probably have a multi-hop connection where the client and server are not directly connected by one cable. You are going through routers and server which each have their own unique IP address (and name).
Normally errors are fixed by replacing cables or pieces of hardware. You can either randomly start replacing hardware or you can use ping from/to different servers and routers to find which work and which gives error helping to isolate issue.
In you case it looks like the issues is one of your devices was not designed correctly. Errors starting at 1500 bytes are usually due to vendor not fully testing devices and not fixing errors found during alpha and beta testing. Most vendors do a very good job of testing and certifying their devices. So this could be a "Made in China" issue. Or maybe even a virus. Still to fix issue start replacing or use ping to isolate which routes work and which give errors.
I want to write an application that "listens" for a server push.. i.e the server can broadcast.. I want to do this via an open web request to a php page that holds a database vale in it and returns the database value.. so that if the database changes.. the value changes which means C# app knows to fire a initiation of some sort (in my case it's a "refresh" request) 99.99% of this work is done via this refresh request.. I only need to know.. ho w to implement the "trigger" or "event" from the server... the standard methodology for this (I know) is polling x seconds but I know that a proper event driven architecture is much nice..
Remember this is nothing to do with IIS ... This is a windows client C# exe that needs to "listen" to a web server.. are there any good code examples people know about?
HTTP is a request/response protocol - there is no "push". Common historic approaches to solve that are frequent polling and long-polling, but these days web-sockets are another option. You can use web-sockets from a client application: in .net 4.5 on Windows 8 / Server 8 there is an inbuilt client in the framework, but it isn't hard to write one based on raw TCP from the specification (or just look for an existing client library). Web-sockets supports bi-directional communications, so the server can spontaneously broadcast to the clients. Great for prompt updates.
You would of course also need a web-socket server implementation, but that is available for most platforms and toolsets.
I have a standard web server that serve web pages.
I want to monitor traffic on port 80, intercept every http responses, and add/inject an additionnal header to them.
The process will then act like a proxy between the web server and the client.
Could you please give me some pointers? I'm already aware of SharpPCap, but I'm not sure where to start.
Note: I can't rely on the web server, I can't control it or change it's configuration. However I can install any other process on the same machine.
Thanks a million
I think that SharpPCap is an overkill here.
Try:
listen on a port (say 8080)
for each incoming connection, accept and open one to the server (original one, port 80)
pass everything that comes in from the client straight to the server
pass everything that comes from the server back to the client, monitoring the stream and injecting/modifying if needed
I think what you want to do can be done with IIS 7.0 URL Rewrite module instead of rolling your own code.
http://learn.iis.net/page.aspx/711/modifying-http-response-headers/
My company is experimenting with writing a proxy server using the .NET Fx 3.5 and C#. From our research I have read that HttpListener is not a good candidate for a proxy server though I am unsure as to why.
We are currently working with the Mentalis proxy example source code though that will involve, among other things, implementing our own logging and performance counters. Using HttpListener will wrap Http.sys which will give us some of the performance statistics we require out of the box.
So why is HttpListener a bad candidate for HTTP proxy work?
(And yes we are considering Squid 3.1 by writing or configuring an ICAP server as well.)
HttpListener is in .NET to provide a major building block for a simple HTTP server. Where simple includes not supporting high operation rates.
Typically HTTP proxies need to be very low overhead to support many concurrent connections as well as providing the proxy's function (which depends on the type of proxy).
Proxies are detailed in RFC 2616 ยง8.1.3) and that immediately provides one item that (if I understand HttpListener correctly) is not possible:
The proxy server MUST signal persistent connections separately with its clients and the origin servers (or other proxy servers) that it connects to. Each persistent connection applies to only one transport link.
You might also consider that the windows port of nginx was released a few days ago. Many sites that have squid and varnish experience are very pleased after converting to nginx. Then there is always whatever MS is calling ISA server these days.
Gone off to look at the Mentalis code now :D
Is there anyway to configure a WCF service with a failover endpoint if the primary endpoint dies? Kind of like being able to specify a failover server in a SQL cluster.
Specifically I am using the TCP/IP binding for speed, but on the rare occurrence that the machine is not available I would like to redirect traffic to the failover server. Not too bothered about losing messages. I'd just prefer not to write the code to handle re-routing.
You need to use a layer 4 load balancer in front of the two endpoints. Prob best to stick with a dedicated piece of hardware.
Without trying to sound too vague but I think Windows Network Load Balancing (NLB) should handle this for you.
Haven't done it yet with WCF but plan to have a local DNS entry pointing to our Network Load Balancing (NLB) virtual iP address which will direct all traffic to one of our servers hosting services within IIS. I have used NLB for this exact scenario in the past for web sites and see no reason why it will not work well with WCF.
The beauty of it is that you can take servers in and out of the virtual cluster at will and NLB takes care of all the ugly re-directing to an available node. It also comes with a great price tag: $FREE with your Windows Server license.
We've had good luck with BigIP as a solution, though it's not cheap or easy to set up.
One nice feature is it allows you to set up your SSL certificate (and backdoor to the CA) at the load balancer's common endpoint. Then you can use protocols to transfer the requests back to the WCF servers so the entire transmission is encrypted.