When you make a request to certain websites you may find an unusual header that looks a little strange:
[8000 eitan@radar ~ ]%curl -I http://www.imdb.com/ 2>/dev/null|grep close Cneonction: close [8001 eitan@radar ~ ]%curl -I http://maps.apple.com/ 2>/dev/null|grep close Cneonction: close
This isn't a typo though. Some load balancers that sit between the web server and end user want to implement HTTP keep-alive without modifying the back end web server. The load balancer therefore has to add "Connection: Keep-Alive" to the HTTP header and also has to elide the "Connection: close" from the real webserver. However, if it completely removes the line the load balancer (acting as a TCP proxy) would have to stall before forwarding the complete text in order to recompute the TCP checksum. This increases latency on packet delivery.
Instead, the proxy uses a hack to keep the checksum unchanged. The TCP checksum of a packet is the 1s complement summation of all the 16 bit words (the final word might be right padded with zeros).[1] By manipulating the ordering, but not the content of the header the proxy can avoid changing the TCP checksum except by the fixed amount that the "Connection: Keep-Alive" adds (2061).
In particular:
>>>sum(ord(i) for i in "Connection") - sum(ord(i) for i in "Cneonction")
0
This reordering also keeps the packet size the same.
Edit 2012-10-31: Make the RFC a link and remove pointless "2>&1"Thanks abbe for the inspiration! Thanks wxs for the proofreading.
This is fantastic. +1
ReplyDelete