Help us better understanding WampRawSocketProtocol
65 views
Skip to first unread message
AmvTek
Oct 27, 2015, 6:05:20 AM10/27/15
to Crossbar
Hello,
we find your crossbar router quite attractive for some projects we are currently working on.
We try to better understand WampRawSocketProtocol with the view of porting it to Android/IOS modifying an internal library (appconnect) we have been using accross different projects.
Our questions :
1. Does WampRawSocketProtocol provides some sort of HEARTBEAT mechanism to allow server & client to detect stalled connections. We found this to be highly needed when connecting through mobile networks.
2. Does WampRawSocketProtocol allow you to cross webserver in the same way websocket allow you through HTTP upgrade.
We know that websocket buys you 1. & 2. but we will prefer to do without to keep dependencies at a minimum.
Is there somewhere a WAMP test suite we could leverage to test our own implementation attend.
Best regards,
Marc
we find your crossbar router quite attractive for some projects we are currently working on.
We try to better understand WampRawSocketProtocol with the view of porting it to Android/IOS modifying an internal library (appconnect) we have been using accross different projects.
Our questions :
1. Does WampRawSocketProtocol provides some sort of HEARTBEAT mechanism to allow server & client to detect stalled connections. We found this to be highly needed when connecting through mobile networks.
2. Does WampRawSocketProtocol allow you to cross webserver in the same way websocket allow you through HTTP upgrade.
We know that websocket buys you 1. & 2. but we will prefer to do without to keep dependencies at a minimum.
Is there somewhere a WAMP test suite we could leverage to test our own implementation attend.
Best regards,
Marc
Alexander Gödde
Oct 29, 2015, 7:46:04 AM10/29/15
to Crossbar
Hi Marc!
First of all: WAMP over RawSocket differs from WAMP over WebSocket in the transport layer used, so all differences are down to that.
Now to your specific questions:
1. RawSocket as specified provides for a pin/pong mechanism (see discussion of this feature) and the spec defines message types for this.
2. RawSocket can be used with TLS, so crossing intermediaries should not be a problem. It is not related to HTTP though, so there is no WebSocket-like start as HTTP.
Regards,
Alex
AmvTek
Oct 30, 2015, 4:40:55 AM10/30/15
to Crossbar
Hi Alexander,
Thank you for your reply, we reviewed the documents you referred us to and we now have a better understanding of WAMP over RawSocket. We have a few more questions :
PING/PONG mechanism :
------------------------------------
We found in your RFC description on how PING & PONG messages might be encoded over RawSocket transport.
It looks to us though that this is not currently implemented by autobahn RawSocket transport implementation.
Is this correct ?
Crossing intermediaries :
----------------------------------
Our question was not clear, what we meant was if RawSocket would let you reach crossbar proxied by a WebServer like nginx.
Our understanding of the wire protocol is that this is not possible as the handshake does not include an HTTP upgrade request.
In our opinion optionally allowing the transport to start with an Upgrade request ( eg asking to upgrade to wamp-over-foobar...) brings several benefits :
1. Simplify deployment as port 443 is the unique entry path in the system
2. Allow to use the webserver for TLS offloading and load balancing.
As far as we now understand the crossbar clean codebase, we are not bound to use WebSocket or RawSocket but we can implement a Transport with the features we need.
Best regards,
Marc
Thank you for your reply, we reviewed the documents you referred us to and we now have a better understanding of WAMP over RawSocket. We have a few more questions :
PING/PONG mechanism :
------------------------------------
We found in your RFC description on how PING & PONG messages might be encoded over RawSocket transport.
It looks to us though that this is not currently implemented by autobahn RawSocket transport implementation.
Is this correct ?
Crossing intermediaries :
----------------------------------
Our question was not clear, what we meant was if RawSocket would let you reach crossbar proxied by a WebServer like nginx.
Our understanding of the wire protocol is that this is not possible as the handshake does not include an HTTP upgrade request.
In our opinion optionally allowing the transport to start with an Upgrade request ( eg asking to upgrade to wamp-over-foobar...) brings several benefits :
1. Simplify deployment as port 443 is the unique entry path in the system
2. Allow to use the webserver for TLS offloading and load balancing.
As far as we now understand the crossbar clean codebase, we are not bound to use WebSocket or RawSocket but we can implement a Transport with the features we need.
Best regards,
Marc
Tobias Oberstein
Oct 31, 2015, 9:18:52 AM10/31/15
to cross...@googlegroups.com
> PING/PONG mechanism :
> ------------------------------------
> We found in your RFC
> <https://tools.ietf.org/html/draft-oberstet-hybi-tavendo-wamp-02#section-13.7.3.1.4>description
> ------------------------------------
> We found in your RFC
> on how PING & PONG messages might be encoded over RawSocket transport.
> It looks to us though that this is not currently implemented by autobahn
> <https://github.com/crossbario/autobahn-python/blob/master/autobahn/twisted/rawsocket.py>
> It looks to us though that this is not currently implemented by autobahn
> RawSocket transport implementation.
> Is this correct ?
Yes, correct: https://github.com/crossbario/autobahn-python/issues/453
> Is this correct ?
>
> Crossing intermediaries :
> ----------------------------------
> Our question was not clear, what we meant was if RawSocket would let you
> reach crossbar proxied by a WebServer like nginx.
> Our understanding of the wire protocol is that this is not possible as
> the handshake does not include an HTTP upgrade
Correct
> In our opinion optionally allowing the transport to start with an
> Upgrade request ( eg asking to upgrade to wamp-over-foobar...) brings
> several benefits :
one area where RawSocket is much simpler.
> 1. Simplify deployment as port 443 is the unique entry path in the system
> 2. Allow to use the webserver for TLS offloading and load balancing.
working a layer 4 (TCP).
Offloading TLS: to what? Why?
>
> As far as we now understand the crossbar clean codebase, we are not
> bound to use WebSocket or RawSocket but we can implement a Transport
> with the features we need.
- Crossbar.io does not have supported extension APIs for internal modules.
- you are inventing sth uneeded and proprietory (and in any case, you
have to comply to the AGPL, the OSS license of Crossbar.io)
In summary, I'd recommend:
Go with RawSocket as defined, run that over 443/TLS, use a L4 LB and let
Crossbar.io terminate the TLS.
Cheers,
/Tobias
>
> Best regards,
> Marc
>
> On Thursday, October 29, 2015 at 1:46:04 PM UTC+2, Alexander Gödde wrote:
>
> Hi Marc!
>
> First of all: WAMP over RawSocket differs from WAMP over WebSocket
> in the transport layer used, so all differences are down to that.
>
> Now to your specific questions:
>
> 1. RawSocket as specified provides for a pin/pong mechanism (see
> discussion of this feature
> <https://tools.ietf.org/html/draft-oberstet-hybi-tavendo-wamp-02#section-13.7.3>
> You received this message because you are subscribed to the Google
> Groups "Crossbar" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to crossbario+...@googlegroups.com
> <mailto:crossbario+...@googlegroups.com>.
> To post to this group, send email to cross...@googlegroups.com
> <mailto:cross...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/crossbario/6d608405-6396-483b-80ad-9df45761fc0a%40googlegroups.com
> <https://groups.google.com/d/msgid/crossbario/6d608405-6396-483b-80ad-9df45761fc0a%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
AmvTek
Nov 1, 2015, 4:39:52 AM11/1/15
to Crossbar
Hi Tobias,
Thank you for your insights.
For the sake of clarity, we have no intention to use crossbar without complying with the licence terms :)
To complement the discussion, some more informations on the practical considerations behind our previous questions.
PING/PONG mechanism :
------------------------------------
RawSocket will support it : OK
In our experience, we found this to be highly necessary when in need to maintain long running connections over shaky GSM networks.
Terminating TLS at the CrossBar :
----------------------------------------------
No doubt that security wise this brings benefits, and that a L4 LB can be used if we need to load balance several nodes.
We are heavy users of Twisted ourselves, but we lake experience here. We have always been assuming that using Twisted to terminate TLS will have a major impact on server performance, but we never seriously tried.
The benefits of allowing TCP connections to cross the web server are :
1. Simpler infrastructure, you need only one daemon at the gate of your system (eg NGINX vs HAPROXY+NGINX). This is a minor benefit though as both are easy to deploy.
2. Lower costs for X509 certification as a single host (hence X509 certificate) can be used for web and non web content. This is also minor as RawSocket host can be certified using in house certificate.
3. Web server like NGINX being good at processing the incoming Upgrade request, we may involve other existing application which have an HTTP interface to preprocess the request. For example NGINX can forward the initial Upgrade request to a first gateway that will check if it is authorized to access your infrastructure and such application will then instruct NGINX to pass the request to a CrossBar that will respond HTTP 101... If you are to terminate TLS at the CrossBar, you may have to do a lot more inside there for your application to work.
Best regards,
Marc
Thank you for your insights.
For the sake of clarity, we have no intention to use crossbar without complying with the licence terms :)
To complement the discussion, some more informations on the practical considerations behind our previous questions.
PING/PONG mechanism :
------------------------------------
RawSocket will support it : OK
In our experience, we found this to be highly necessary when in need to maintain long running connections over shaky GSM networks.
Terminating TLS at the CrossBar :
----------------------------------------------
No doubt that security wise this brings benefits, and that a L4 LB can be used if we need to load balance several nodes.
We are heavy users of Twisted ourselves, but we lake experience here. We have always been assuming that using Twisted to terminate TLS will have a major impact on server performance, but we never seriously tried.
The benefits of allowing TCP connections to cross the web server are :
1. Simpler infrastructure, you need only one daemon at the gate of your system (eg NGINX vs HAPROXY+NGINX). This is a minor benefit though as both are easy to deploy.
2. Lower costs for X509 certification as a single host (hence X509 certificate) can be used for web and non web content. This is also minor as RawSocket host can be certified using in house certificate.
3. Web server like NGINX being good at processing the incoming Upgrade request, we may involve other existing application which have an HTTP interface to preprocess the request. For example NGINX can forward the initial Upgrade request to a first gateway that will check if it is authorized to access your infrastructure and such application will then instruct NGINX to pass the request to a CrossBar that will respond HTTP 101... If you are to terminate TLS at the CrossBar, you may have to do a lot more inside there for your application to work.
Best regards,
Marc
> <mailto:crossbario+unsub...@googlegroups.com>.
Reply all
Reply to author
Forward
0 new messages