Path: csiph.com!fu-berlin.de!uni-berlin.de!not-for-mail From: Chris Angelico Newsgroups: comp.lang.python Subject: Re: OT: limit number of connections from browser to my server? Date: Tue, 17 May 2016 02:15:50 +1000 Lines: 39 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Trace: news.uni-berlin.de iV4w23FwCWMrxv/T/cd4+glevTiW3q6DXkcauR+J1AsA== Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.000 X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; 'static': 0.03; 'anyway.': 0.04; 'socket': 0.07; 'subject:number': 0.07; 'cc:addr:python- list': 0.09; 'here?': 0.09; 'python': 0.10; 'received:74.125.82.44': 0.15; 'file,': 0.15; '2016': 0.16; '2:06': 0.16; 'elsewhere.': 0.16; 'file).': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'received:io': 0.16; 'received:psf.io': 0.16; 'subject:limit': 0.16; 'subject:server': 0.16; 'tcp': 0.16; 'two,': 0.16; 'varies': 0.16; 'wrote:': 0.16; 'ssl': 0.18; 'load': 0.20; 'library': 0.20; 'cc:2**0': 0.20; 'cc:addr:python.org': 0.20; 'am,': 0.23; 'header :In-Reply-To:1': 0.24; 'message-id:@mail.gmail.com': 0.27; 'css': 0.27; 'turns': 0.27; 'device': 0.28; 'fine': 0.28; 'for,': 0.29; 'asked': 0.29; "i'm": 0.30; 'connection': 0.30; 'connections': 0.30; 'embedded': 0.32; 'problem': 0.33; 'http': 0.33; 'tue,': 0.34; 'running': 0.34; 'server': 0.34; 'received:google.com': 0.35; 'so,': 0.35; '???': 0.35; 'something': 0.35; 'received:74.125.82': 0.35; "isn't": 0.35; 'but': 0.36; 'serve': 0.36; 'subject:?': 0.36; 'subject:: ': 0.37; 'stuff': 0.38; 'files': 0.38; 'sure': 0.39; 'subject:from': 0.39; 'some': 0.40; 'software': 0.40; 'your': 0.60; 'connection,': 0.72; 'chrisa': 0.84; 'to:none': 0.91; 'edwards': 0.91 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc; bh=1IQakThvO1TDnFqzv1I6mBmLCWFWOrU1HOw44ANLPyg=; b=jDSQm0aUvfWgLslM9v9+8aZDWw0q4fcVaCpsrXrHEkfrfQU+zMLq0xrGOHirSzk2uK 5xEl+yQtwgGpy0VVDYgBsqL3CwPKw/cI9uGsZKayO8QqdaZHtD304hqkHE6kBjDKUXXj AeqGBBnrOpZPpo3lIYdn9R8DjuzKAkAo5V0fhZ5Gn8Z5m8vX4Zq5GBBNdS3LkI+n/vn0 lllS9Zg9XqpVSQcRildbRcsQhL2tzOi44ZXLx6u/pqoe4XmNshVj4bF3dkF+Ge3clW4l Lp6THRLpYtQoyHUFvVi9l4IqZiupAsXLcz3CejL77jjgIWTBPaQWIsQJdqUcC4Mur9Du pRbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:cc; bh=1IQakThvO1TDnFqzv1I6mBmLCWFWOrU1HOw44ANLPyg=; b=lyVNr0TkZF0JH5UkmkYsMZdV+DlkqZbKPfuiVUg6wxsLeqHhdYAJUGhj202/3ABtOy yd9LE+78axao79kfAAZpmsJHQpPvTqSTEwl33pT0g77SIAyRSXE7Br4bL1/FOlw1odDC 2vdqo/kW1E4tSHI/PRZRPL2nckbojp51628bIsPQyJ0ri4oE9g84OpMYBsFGUOHtRogl QLtPmGB6BqOj/f3x3wmJXLI2yVUBPmPTw1oTXrmZ3RSaPc5TuNHcugSwefcv2AX/WeX2 3NOgovqixjXEYIHPBLCst8tdgCi7N1Cg8uowxYv2nnL/NXmMTE8GWJ9ltiqEDHJ0PrzQ wLWw== X-Gm-Message-State: AOPr4FVZYYub3LFUkCfQAWlIFUcQegL8s7pIPsPOsBFXBLjbcKl2L2QEQxOfwJi6pMYihcyWbHwkTZq1qwXd5Q== X-Received: by 10.28.184.22 with SMTP id i22mr19028302wmf.41.1463415350990; Mon, 16 May 2016 09:15:50 -0700 (PDT) In-Reply-To: X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Mailman-Original-Message-ID: X-Mailman-Original-References: Xref: csiph.com comp.lang.python:108668 On Tue, May 17, 2016 at 2:06 AM, Grant Edwards wrote: > So, when a browser wants to load a page that has the main html file, a > css file, a javascript library or two, and a few icons and background > bitmaps, they browser opens up a half-dozen SSL connections in > parallel. > > That's fine when the server is Facebook's server farm. > > But when it's a small embedded device running at 40MHz with a > single-threaded web server and software crypto, it turns a 2-second > page load time into a 15-second page load time. > ... > So now I'm going to set up a simple Python HTTP server to try some > other approaches: > > 1) Only allow the listening socket to accept 1 connection at a time. > > 2) Accept the TCP connection, but don't allow the SSL handshaking to > start on the "extra" connections. > > 3) ??? > > 4) Profits! > > Any ideas? If your server is single-threaded, it ought to be processing only one connection at a time anyway. Are you sure parallel connections are the problem here? The solution might actually be to move all your static files elsewhere. Slap 'em up onto github.io or something, and then the browser is free to make all the parallel connections it likes; your embedded device can just serve the stuff that actually varies (presumably the main HTML file). I know that isn't what you asked for, but it's something to consider :) ChrisA