SlideShare ist ein Scribd-Unternehmen logo

Open Source Non-Caching Proxy ExaProxy High Performance

Thomas Mangin
Thomas Mangin

ExaProxy is an open source non-caching web proxy written in C. It uses epoll and is multi-threaded for high performance. It has a non-blocking event-based network loop and uses coroutines and sockets as a message bus. It supports IPv6, acts as an IPv6-IPv4 gateway, and has its own asynchronous DNS library. Compared to other proxies like Squid, it has advantages like better load balancing, HTTPS filtering, and URL rewriting capabilities. Development is ongoing with over 250 commits to improve performance and functionality.

Technologie
1 von 13
Downloaden Sie, um offline zu lesen
ExaProxy open source web proxy UKNOF - 3rd of May 2012 York Thomas Mangin Exa Networks
Non-caching Proxy ALERT ! or transparent proxy reverse forward HTTP/1.1
epoll on linux multi-threaded Non-caching Proxy High Performance non-blocking event based network loop use of cheap co-routine sockets as message bus or transparent proxy reverse forward HTTP/1.1 ALERT ! own async DNS library conservative memory usage “pause” reader when writer is too slow
Non-caching Proxy IPv6 INSIDE Full native IPv6 support IPv6 to IPv4 gateway (and vice versa) or transparent proxy reverse forward NO ! It does NOT blend HTTP/1.1 ALERT !
SQUID VARNISH HA PROXY TINYPROXYPOUND PERLBAL QUITE A FEW OPEN SOURCE WEB PROXIES
FORWARD PROXIES FILTERING PROXIES WHAT PROXY ARE AVAILABLE FOR OUR USE Our Need !
SQUID FILTERING ..
A Filtering SQUID cluster ... Works However Linux ipvsadm for load balancing (MAC address rewrite) Farm of squid servers Can’t use L7 Load balancer Can not filter HTTPS (CONNECT) Load balancing must be sticky “cascade effect” on failure no load balancing backend monitoring
And you need to maintain a TWO liner PATCH SQUID purposefully crashes on high load debug(84, 1) ("WARNING: All %s processes are busy.n", hlp->id_name); debug(84, 1) ("WARNING: up to %d pending requests queuedn", hlp- >stats.max_queue_size); - if (hlp->stats.queue_size > hlp->n_running * 2) - fatalf("Too many queued %s requests (%d on %d)", hlp->id_name, hlp- >stats.queue_size, hlp->n_running);
SQUID compatible and ICAP (REQMOD) like mode Cookie modification force safe-search on youtube HTTPS filtering / Interception when browser/other proxy explicitly configured redirect the browser to a HTTP page .. HTTP/1.1 200 Connection Established CONNECT www.hsbc.com:443 HTTP/1.1 Host: www.hsbc.com HTTP/1.1 302 Surfprotected Cache-Control: no-store Location: http://www.surfprotect.co.uk/ Connection: closeHTTP/1.1 403 Surfprotected Connection: close Browsers just disabled this “feature” following some work on HTTBisNo way to return a message to the browser via 4xx/5xx URL Rewrite display a different URL
250+ commits since (and counting)
HAVE FUN ...*** *** if you are brave, mad, desperate or any of the above ! From: !David Farrar <david.farrar@exa-networks.co.uk> ! Subject: !D'oh! ! Date: !27 April 2012 12:31:53 GMT+01:00 ! To: !Thomas Mangin <thomas.mangin@exa-networks.co.uk> I now know why it was such a pain tracking down the source of the memory leak It requires that - - The client starts a new request over a socket that's already been used for at least one request - The send buffer to the remote web server was full when we first try sending the new request - The client is uploading a very large file (or this happens many times with smaller files) - The upload speed from the client to the proxy is greater than the upload speed from the proxy to the remote web server http://code.google.com/p/exaproxy/ We have ! ( It only took a week )
13 QUESTIONS ?

Empfohlen

ExaBGP at LINX 83
ExaBGP at LINX 83ExaBGP at LINX 83
ExaBGP at LINX 83Thomas Mangin
 
SDN-IP Peering using BGP
SDN-IP Peering using BGPSDN-IP Peering using BGP
SDN-IP Peering using BGPUmesh Krishnaswamy
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonMaximilan Wilhelm
 
AS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and LinuxAS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and LinuxMaximilan Wilhelm
 
Anycast all the things
Anycast all the thingsAnycast all the things
Anycast all the thingsMaximilan Wilhelm
 
Pound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de CargaPound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de Cargagsroma
 
IPv6
IPv6IPv6
IPv6Khachain Wangthammang
 
OSDC 2016 - Ingesting Logs with Style by Pere Urbon-Bayes
OSDC 2016 - Ingesting Logs with Style by Pere Urbon-BayesOSDC 2016 - Ingesting Logs with Style by Pere Urbon-Bayes
OSDC 2016 - Ingesting Logs with Style by Pere Urbon-BayesNETWAYS
 

Empfohlen

ExaBGP at LINX 83
ExaBGP at LINX 83ExaBGP at LINX 83
ExaBGP at LINX 83Thomas Mangin
 
SDN-IP Peering using BGP
SDN-IP Peering using BGPSDN-IP Peering using BGP
SDN-IP Peering using BGPUmesh Krishnaswamy
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonMaximilan Wilhelm
 
AS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and LinuxAS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and LinuxMaximilan Wilhelm
 
Anycast all the things
Anycast all the thingsAnycast all the things
Anycast all the thingsMaximilan Wilhelm
 
Pound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de CargaPound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de Cargagsroma
 
IPv6
IPv6IPv6
IPv6Khachain Wangthammang
 
OSDC 2016 - Ingesting Logs with Style by Pere Urbon-Bayes
OSDC 2016 - Ingesting Logs with Style by Pere Urbon-BayesOSDC 2016 - Ingesting Logs with Style by Pere Urbon-Bayes
OSDC 2016 - Ingesting Logs with Style by Pere Urbon-BayesNETWAYS
 
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingClaudio Mignanti
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingWido den Hollander
 
6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of servers6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of serversvideos
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commandsHanan Nmr
 
Packet Tracer: Nat protocol
Packet Tracer: Nat protocolPacket Tracer: Nat protocol
Packet Tracer: Nat protocolRafat Khandaker
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchTe-Yen Liu
 
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFDynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFMaximilan Wilhelm
 
Thrift+scribe实现分布式日志收集,并与log4j集成
Thrift+scribe实现分布式日志收集,并与log4j集成Thrift+scribe实现分布式日志收集,并与log4j集成
Thrift+scribe实现分布式日志收集,并与log4j集成zhongbing liu
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV TutorialOpen Networking Perú (Opennetsoft)
 
Nomenclatura QNAP
Nomenclatura QNAPNomenclatura QNAP
Nomenclatura QNAPFernando Barrientos
 
5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Manovideos
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch어형 이
 
nullcon 2010 - Software Fuzzing with Wireplay
nullcon 2010 - Software Fuzzing with Wireplaynullcon 2010 - Software Fuzzing with Wireplay
nullcon 2010 - Software Fuzzing with Wireplayn|u - The Open Security Community
 
Passwords Found on a Wireless Network
Passwords Found on a Wireless NetworkPasswords Found on a Wireless Network
Passwords Found on a Wireless NetworkDug Song
 
Nsq meetup-messaging
Nsq meetup-messagingNsq meetup-messaging
Nsq meetup-messagingGuillaume Arnaud
 
Raspi32
Raspi32Raspi32
Raspi32たけおか しょうぞう
 
Linux network stack
Linux network stackLinux network stack
Linux network stackTakuya ASADA
 
DevoxxFR 2016 - 3 degrees of MoM
DevoxxFR 2016 - 3 degrees of MoMDevoxxFR 2016 - 3 degrees of MoM
DevoxxFR 2016 - 3 degrees of MoMGuillaume Arnaud
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with LinuxMaximilan Wilhelm
 
Achieving the Ultimate Performance with KVM
Achieving the Ultimate Performance with KVMAchieving the Ultimate Performance with KVM
Achieving the Ultimate Performance with KVMdata://disrupted®
 
MNPHP Scalable Architecture 101 - Feb 3 2011
MNPHP Scalable Architecture 101 - Feb 3 2011MNPHP Scalable Architecture 101 - Feb 3 2011
MNPHP Scalable Architecture 101 - Feb 3 2011Mike Willbanks
 
HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011Alessandro Nadalin
 

Weitere ähnliche Inhalte

Was ist angesagt?

Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingClaudio Mignanti
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingWido den Hollander
 
6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of servers6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of serversvideos
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commandsHanan Nmr
 
Packet Tracer: Nat protocol
Packet Tracer: Nat protocolPacket Tracer: Nat protocol
Packet Tracer: Nat protocolRafat Khandaker
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchTe-Yen Liu
 
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFDynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFMaximilan Wilhelm
 
Thrift+scribe实现分布式日志收集,并与log4j集成
Thrift+scribe实现分布式日志收集,并与log4j集成Thrift+scribe实现分布式日志收集,并与log4j集成
Thrift+scribe实现分布式日志收集,并与log4j集成zhongbing liu
 
5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Manovideos
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch어형 이
 
Passwords Found on a Wireless Network
Passwords Found on a Wireless NetworkPasswords Found on a Wireless Network
Passwords Found on a Wireless NetworkDug Song
 
Linux network stack
Linux network stackLinux network stack
Linux network stackTakuya ASADA
 
DevoxxFR 2016 - 3 degrees of MoM
DevoxxFR 2016 - 3 degrees of MoMDevoxxFR 2016 - 3 degrees of MoM
DevoxxFR 2016 - 3 degrees of MoMGuillaume Arnaud
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with LinuxMaximilan Wilhelm
 
Achieving the Ultimate Performance with KVM
Achieving the Ultimate Performance with KVMAchieving the Ultimate Performance with KVM
Achieving the Ultimate Performance with KVMdata://disrupted®
 

Was ist angesagt? (20)

Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic Networking
 
6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of servers6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of servers
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
 
Packet Tracer: Nat protocol
Packet Tracer: Nat protocolPacket Tracer: Nat protocol
Packet Tracer: Nat protocol
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitch
 
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFDynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
 
Thrift+scribe实现分布式日志收集,并与log4j集成
Thrift+scribe实现分布式日志收集,并与log4j集成Thrift+scribe实现分布式日志收集,并与log4j集成
Thrift+scribe实现分布式日志收集,并与log4j集成
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV Tutorial
 
Nomenclatura QNAP
Nomenclatura QNAPNomenclatura QNAP
Nomenclatura QNAP
 
5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch
 
nullcon 2010 - Software Fuzzing with Wireplay
nullcon 2010 - Software Fuzzing with Wireplaynullcon 2010 - Software Fuzzing with Wireplay
nullcon 2010 - Software Fuzzing with Wireplay
 
Passwords Found on a Wireless Network
Passwords Found on a Wireless NetworkPasswords Found on a Wireless Network
Passwords Found on a Wireless Network
 
Nsq meetup-messaging
Nsq meetup-messagingNsq meetup-messaging
Nsq meetup-messaging
 
Raspi32
Raspi32Raspi32
Raspi32
 
Linux network stack
Linux network stackLinux network stack
Linux network stack
 
DevoxxFR 2016 - 3 degrees of MoM
DevoxxFR 2016 - 3 degrees of MoMDevoxxFR 2016 - 3 degrees of MoM
DevoxxFR 2016 - 3 degrees of MoM
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with Linux
 
Achieving the Ultimate Performance with KVM
Achieving the Ultimate Performance with KVMAchieving the Ultimate Performance with KVM
Achieving the Ultimate Performance with KVM
 

Ähnlich wie Open Source Non-Caching Proxy ExaProxy High Performance

MNPHP Scalable Architecture 101 - Feb 3 2011
MNPHP Scalable Architecture 101 - Feb 3 2011MNPHP Scalable Architecture 101 - Feb 3 2011
MNPHP Scalable Architecture 101 - Feb 3 2011Mike Willbanks
 
HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011Alessandro Nadalin
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open sourceIngo Walz
 
Using aphace-as-proxy-server
Using aphace-as-proxy-serverUsing aphace-as-proxy-server
Using aphace-as-proxy-serverHARRY CHAN PUTRA
 
T3DD12 Caching with Varnish
T3DD12 Caching with VarnishT3DD12 Caching with Varnish
T3DD12 Caching with VarnishAOE
 
Site Performance - From Pinto to Ferrari
Site Performance - From Pinto to FerrariSite Performance - From Pinto to Ferrari
Site Performance - From Pinto to FerrariJoseph Scott
 
T3DD12 Caching with Varnish
T3DD12 Caching with VarnishT3DD12 Caching with Varnish
T3DD12 Caching with VarnishAOE
 
Speedup your WordPress mit Nginx und HTTP/2
Speedup your WordPress mit Nginx und HTTP/2Speedup your WordPress mit Nginx und HTTP/2
Speedup your WordPress mit Nginx und HTTP/2wpmeetupka
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSocketsRoland M
 
Roy foubister (hosting high traffic sites on a tight budget)
Roy foubister (hosting high traffic sites on a tight budget)Roy foubister (hosting high traffic sites on a tight budget)
Roy foubister (hosting high traffic sites on a tight budget)WordCamp Cape Town
 
REST in peace @ IPC 2012 in Mainz
REST in peace @ IPC 2012 in MainzREST in peace @ IPC 2012 in Mainz
REST in peace @ IPC 2012 in MainzAlessandro Nadalin
 
Ch 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet ServersCh 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet Serverswebhostingguy
 
Introduction to OverTheBox
Introduction to OverTheBoxIntroduction to OverTheBox
Introduction to OverTheBoxOVHcloud
 
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”Valent Mustamin
 
Owasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF SessionOwasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF SessionBart Leppens
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)NYversity
 
66 pfsense tutorial
66 pfsense tutorial66 pfsense tutorial
66 pfsense tutorialequinonesr
 
Load Balancing with Apache
Load Balancing with ApacheLoad Balancing with Apache
Load Balancing with ApacheBradley Holt
 

Ähnlich wie Open Source Non-Caching Proxy ExaProxy High Performance (20)

MNPHP Scalable Architecture 101 - Feb 3 2011
MNPHP Scalable Architecture 101 - Feb 3 2011MNPHP Scalable Architecture 101 - Feb 3 2011
MNPHP Scalable Architecture 101 - Feb 3 2011
 
HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011HTTP cache @ PUG Rome 03-29-2011
HTTP cache @ PUG Rome 03-29-2011
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open source
 
Using aphace-as-proxy-server
Using aphace-as-proxy-serverUsing aphace-as-proxy-server
Using aphace-as-proxy-server
 
T3DD12 Caching with Varnish
T3DD12 Caching with VarnishT3DD12 Caching with Varnish
T3DD12 Caching with Varnish
 
Site Performance - From Pinto to Ferrari
Site Performance - From Pinto to FerrariSite Performance - From Pinto to Ferrari
Site Performance - From Pinto to Ferrari
 
T3DD12 Caching with Varnish
T3DD12 Caching with VarnishT3DD12 Caching with Varnish
T3DD12 Caching with Varnish
 
Speedup your WordPress mit Nginx und HTTP/2
Speedup your WordPress mit Nginx und HTTP/2Speedup your WordPress mit Nginx und HTTP/2
Speedup your WordPress mit Nginx und HTTP/2
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSockets
 
Roy foubister (hosting high traffic sites on a tight budget)
Roy foubister (hosting high traffic sites on a tight budget)Roy foubister (hosting high traffic sites on a tight budget)
Roy foubister (hosting high traffic sites on a tight budget)
 
REST in peace @ IPC 2012 in Mainz
REST in peace @ IPC 2012 in MainzREST in peace @ IPC 2012 in Mainz
REST in peace @ IPC 2012 in Mainz
 
Ch 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet ServersCh 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet Servers
 
Introduction to OverTheBox
Introduction to OverTheBoxIntroduction to OverTheBox
Introduction to OverTheBox
 
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”
 
Owasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF SessionOwasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF Session
 
WebSocket protocol
WebSocket protocolWebSocket protocol
WebSocket protocol
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)
 
HTTP
HTTPHTTP
HTTP
 
66 pfsense tutorial
66 pfsense tutorial66 pfsense tutorial
66 pfsense tutorial
 
Load Balancing with Apache
Load Balancing with ApacheLoad Balancing with Apache
Load Balancing with Apache
 

Mehr von Thomas Mangin

LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?Thomas Mangin
 
The benefit of BGP for every service provider
The benefit of BGP for every service providerThe benefit of BGP for every service provider
The benefit of BGP for every service providerThomas Mangin
 
IXLeeds 2 Technical Update
IXLeeds 2 Technical UpdateIXLeeds 2 Technical Update
IXLeeds 2 Technical UpdateThomas Mangin
 

Mehr von Thomas Mangin (9)

LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?
 
VOIP QOS
VOIP QOSVOIP QOS
VOIP QOS
 
Naked BGP
Naked BGPNaked BGP
Naked BGP
 
The benefit of BGP for every service provider
The benefit of BGP for every service providerThe benefit of BGP for every service provider
The benefit of BGP for every service provider
 
ScavengerEXA
ScavengerEXAScavengerEXA
ScavengerEXA
 
AS-STATS
AS-STATSAS-STATS
AS-STATS
 
BGP route leak
BGP route leakBGP route leak
BGP route leak
 
IXLeeds 2 Technical Update
IXLeeds 2 Technical UpdateIXLeeds 2 Technical Update
IXLeeds 2 Technical Update
 
IXLeeds
IXLeeds IXLeeds
IXLeeds
 

Kürzlich hochgeladen

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Kürzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Open Source Non-Caching Proxy ExaProxy High Performance

  • 1. ExaProxy open source web proxy UKNOF - 3rd of May 2012 York Thomas Mangin Exa Networks
  • 2. Non-caching Proxy ALERT ! or transparent proxy reverse forward HTTP/1.1
  • 3. epoll on linux multi-threaded Non-caching Proxy High Performance non-blocking event based network loop use of cheap co-routine sockets as message bus or transparent proxy reverse forward HTTP/1.1 ALERT ! own async DNS library conservative memory usage “pause” reader when writer is too slow
  • 4. Non-caching Proxy IPv6 INSIDE Full native IPv6 support IPv6 to IPv4 gateway (and vice versa) or transparent proxy reverse forward NO ! It does NOT blend HTTP/1.1 ALERT !
  • 6. FORWARD PROXIES FILTERING PROXIES WHAT PROXY ARE AVAILABLE FOR OUR USE Our Need !
  • 8. A Filtering SQUID cluster ... Works However Linux ipvsadm for load balancing (MAC address rewrite) Farm of squid servers Can’t use L7 Load balancer Can not filter HTTPS (CONNECT) Load balancing must be sticky “cascade effect” on failure no load balancing backend monitoring
  • 9. And you need to maintain a TWO liner PATCH SQUID purposefully crashes on high load debug(84, 1) ("WARNING: All %s processes are busy.n", hlp->id_name); debug(84, 1) ("WARNING: up to %d pending requests queuedn", hlp- >stats.max_queue_size); - if (hlp->stats.queue_size > hlp->n_running * 2) - fatalf("Too many queued %s requests (%d on %d)", hlp->id_name, hlp- >stats.queue_size, hlp->n_running);
  • 10. SQUID compatible and ICAP (REQMOD) like mode Cookie modification force safe-search on youtube HTTPS filtering / Interception when browser/other proxy explicitly configured redirect the browser to a HTTP page .. HTTP/1.1 200 Connection Established CONNECT www.hsbc.com:443 HTTP/1.1 Host: www.hsbc.com HTTP/1.1 302 Surfprotected Cache-Control: no-store Location: http://www.surfprotect.co.uk/ Connection: closeHTTP/1.1 403 Surfprotected Connection: close Browsers just disabled this “feature” following some work on HTTBisNo way to return a message to the browser via 4xx/5xx URL Rewrite display a different URL
  • 11. 250+ commits since (and counting)
  • 12. HAVE FUN ...*** *** if you are brave, mad, desperate or any of the above ! From: !David Farrar <david.farrar@exa-networks.co.uk> ! Subject: !D'oh! ! Date: !27 April 2012 12:31:53 GMT+01:00 ! To: !Thomas Mangin <thomas.mangin@exa-networks.co.uk> I now know why it was such a pain tracking down the source of the memory leak It requires that - - The client starts a new request over a socket that's already been used for at least one request - The send buffer to the remote web server was full when we first try sending the new request - The client is uploading a very large file (or this happens many times with smaller files) - The upload speed from the client to the proxy is greater than the upload speed from the proxy to the remote web server http://code.google.com/p/exaproxy/ We have ! ( It only took a week )