On Tue, 10 Oct 2023 at 20:22, Willy Tarreau <w...@1wt.eu> wrote:
>
> So at this point I'm still failing to find any case where this attack
> hurts haproxy more than any of the benchmarks we're routinely inflicting
> it, given that it acts exactly like a client configured with a short
> timeout (e.g. if you configure haproxy with "timeout server 1" and
> have an h2 server, you will basically get the same traffic pattern).

This is pretty much the situation with nginx as well:

https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html



Lukas

Reply via email to