jrudolph commented on issue #332: URL: https://github.com/apache/incubator-pekko-http/issues/332#issuecomment-1759128967
In my tests on my machine, you can load a core with about 8-10MB/s of network input using either just RST frames or HEADERS/RST. How bad is that? It means you already have to almost saturate a 100GBit link for this to become relevant. On the other hand, the real cost might come from actually running requests that are already cancelled (see also #330). These are run in a stream with configurable parallelism, so there's no unlimited forking of work going on. In perspective, this is probably not the best targeted attack you could do if you want to target a specific site (because you only target HTTP/2 infrastructure and not all the rest of the backend). On the other hand, it is unfortunate if you get hit by an easy drive-by attack. One thing to consider is that it is not recommended to run Pekko HTTP on the public internet directly (as it is not recommended to run any web server on the public internet directly without the necessary precautions, you would much more likely put a more well-established web proxy like nginx etc in front of any real loads, especially if you have exposure). So, the real impact of this problem is probably negligible right now. A solution will probably want to implement some kind of rate limiting. Unfortunately, this will introduce both a small performance penalty but also another knob that you have to tune, especially for high loads. This makes for an awkward position when choosing the default because there's little reason to enable the rate limit for a non-exposed load (= almost all) while when you are running it on the public internet you will have to tweak settings to enable the feature. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@pekko.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@pekko.apache.org For additional commands, e-mail: notifications-h...@pekko.apache.org
