This should be very helpful. Especially if somebody with a good understanding of how 0.9 and 1.0 work clears up each point. My mental model of the library code is built on client-only experience, so it might be incorrect. Either way, I'm sharing, if only to spur the conversation:
1) The websocket connection is negotiated through HTTP but, once both client and server agree to it, data travels back and forth through a point-to-point connection. This means the websocket _is not_ an HTTP connection, and so none of its limitations apply (e.g. maximum number of connections per host, keep-alive, CORS).
2) I was under the impression that the library kept a sequence number for packets. I went to the code but couldn't find a reference to that in the current releases... "maybe it got factored out to engine.io?", I thought. Checking engine.io master doesn't reveal any obvious sequencing. Neither do socket.io and socket.io-client in their 0.9 branches. Maybe I'm just crazy.
I guess this means that, if your service cannot establish a websocket connection to the client, you get no guarantee on order of delivery.
The other possibility is that, because the fallback mechanism is based on polling over a single connection, out-of-order packets are simply not possible. Should that be the case, my brain would still require a good argument (or community consensus) to gain confidence in the fallback.
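If ordering really isn't guaranteed by the library, you can always enforce it in userland. A hypothetical sketch of the idea (none of these names come from socket.io or engine.io; the sender tags each message, the receiver buffers early arrivals and delivers in order):

```javascript
// Hypothetical userland sequencing: tag outgoing messages with a
// sequence number, and reorder on the receiving end.
function makeSender() {
  var seq = 0;
  return function wrap(payload) {
    return { seq: seq++, payload: payload };
  };
}

function makeReceiver(deliver) {
  var expected = 0;
  var buffer = {};               // holds messages that arrived early
  return function receive(msg) {
    buffer[msg.seq] = msg.payload;
    while (buffer.hasOwnProperty(expected)) {
      deliver(buffer[expected]); // flush every consecutive message we have
      delete buffer[expected];
      expected++;
    }
  };
}
```

You would call `wrap()` around every payload before `socket.emit(...)` and feed every incoming message through `receive()`; the `deliver` callback then sees them in send order regardless of arrival order.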
3) This one bugged me a while back. My research led me to the (then) recent news that popular reverse proxy solutions were getting websocket support. This means now you can have a reverse proxy sit in front of your servers (each capable of establishing a websocket connection to clients), and clients can connect to the actual servers behind it. The proxy "passes on" the websocket.
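For reference, "passing on" the websocket mostly means forwarding the HTTP `Upgrade` handshake. A minimal nginx sketch (the upstream name, addresses, and ports are placeholders, not from the original post):

```nginx
# Minimal websocket pass-through (nginx 1.3.13+).
http {
    upstream app_servers {
        server 10.0.0.1:3000;
        server 10.0.0.2:3000;
    }
    server {
        listen 80;
        location / {
            proxy_pass http://app_servers;
            proxy_http_version 1.1;                  # HTTP/1.1 is required for Upgrade
            proxy_set_header Upgrade $http_upgrade;  # forward the upgrade request
            proxy_set_header Connection "upgrade";
        }
    }
}
```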
4) The way I see it, in the event of a reconnection the client is not guaranteed to end up connecting to the same server again (client code uses ``connect(origin/namespace)`` after all). If this is a problem, there are ways around it (apparently... I haven't had a need for any of them, this is just 4-month-old research):
* sticky sessions, to try to force the entire "client session" to happen with the same server.
* client routing, which sends the same client to the same back-end server each time (thus ensuring reconnection to the same server)... think "client sharding". You could use the client's IP for this (or username, or whatever fits your domain better).
Both these techniques are implemented on the proxy.
5) With a websocket connection, there are no cross-origin request restrictions. If your client has to fall back to a different transport, then you're in trouble. There's always the Flash socket (ouch!).
6) I didn't get that. With any luck, the answers above should cover this point.
7) engine.io is a library designed to take on the task of abstracting the transport layer for realtime communications in a browser-server scenario. The code that solves that problem used to be part of socket.io (and still is, in versions prior to 1.0) but was factored out into its own library because it is non-trivial... it turns out that a good transport layer is in itself quite hard to get right. A more practical explanation might be: with engine.io you can use an API akin to that of native websockets, but get reliability and scalability for free (it implements all the lower-level goodies socket.io relies on).
I would very much appreciate any corrections on these subjects, as most of my knowledge of the innards of socket.io is built on hypotheses conjured during hacking sessions.
Regards,
Elvio.