a) TCP_DEFER_ACCEPT isn't specified in any RFC and breaks regular handshake negotiation of RFC 793.
b) The load-balancer shouldn't open an HTTP connection and not use it immediately, but no one could/did provide a definitive rule on that.
The upshot is, any Apache 2.1.5+ installation behind pipe-lining load-balancers could suffer the same fate. It is something we should add to the documentation for version 2.1.5+, and it should be up-front in the installation notes for the server product as well as making the server support teams aware of it.
In one way shipping Apache with TCP_DEFER_ACCEPT enabled is in breach of the RFCs and as such it could be argued is a 'bad thing'. On the other had it appears it affects only a small number of installations (judging by how little information there is about it).
There are a few other related issues around TCP_KEEP_ALIVE and broken time-outs in the 'netdev' and 'kernel' mailing lists, and at apache:
I asked the question on the 'netdev' mailing list and got some inconclusive reactions.
http:// marc.info/ ?l=linux- netdev& m=1187914245317 02&w=2
The general consensus was that:
a) TCP_DEFER_ACCEPT isn't specified in any RFC and breaks regular handshake negotiation of RFC 793.
b) The load-balancer shouldn't open an HTTP connection and not use it immediately, but no one could/did provide a definitive rule on that.
The upshot is, any Apache 2.1.5+ installation behind pipe-lining load-balancers could suffer the same fate. It is something we should add to the documentation for version 2.1.5+, and it should be up-front in the installation notes for the server product as well as making the server support teams aware of it.
In one way shipping Apache with TCP_DEFER_ACCEPT enabled is in breach of the RFCs and as such it could be argued is a 'bad thing'. On the other had it appears it affects only a small number of installations (judging by how little information there is about it).
There are a few other related issues around TCP_KEEP_ALIVE and broken time-outs in the 'netdev' and 'kernel' mailing lists, and at apache:
Apache "TCP_DEFER_ACCEPT timeout set way too low" http:// issues. apache. org/bugzilla/ show_bug. cgi?id= 41270 marc.info/ ?l=linux- kernel& m=1193967265316 95&w=2 marc.info/ ?l=linux- netdev& m=1167533488150 44&w=2
kernel "TCP_DEFER_ACCEPT issues" http://
netdev "TCP_DEFER_ACCEPT brokenness?" http://