On Fri, May 20, 2022 at 12:16:07PM +0100, Mark Zealey wrote:
> Thanks, we may use this for a very rough proof-of-concept. However we are
> dealing with millions of concurrent connections, 10-100 million connections
> per day, so we'd prefer to pay someone to develop (+ test!) something for
> haproxy which will work at this scale

That's a big problem with gzip. While compression can be done stateless
(which is what we're doing with SLZ), decompression uses roughly 256 kB
of permanent RAM per *stream*. That's 256 GB of RAM for just one million
connections, 1 TB of RAM for just 4 million connections. Sadly, that's a
perfect example of use case that requires extreme horizontal scalability
and that's better kept away from the LB and performed on servers.

Isn't there any way to advertise support or lack of for compression ?
Because if your real need is to extract contents to perform any form of
processing, we could imagine that instead of having to decompress the
stream, it would be better if we could interfere with the connection
setup to disable compression.

I'm just trying to figure a reasonable alternative, because like this in
addition to being extremely unscalable, it makes your LBs a trivial DoS
target.

Regards,
Willy

Reply via email to