Forum Discussion

Stefan_Magnus_L's avatar
Icon for Nimbostratus rankNimbostratus
May 04, 2012

OneConnect, HTTP pipelining and security

We have a relatively large and secure web-site running behind bigip. Currently we don't have OneConnect enabled, but are considering it in order to make the system perform better.



It says in the docs that pipelined requests are not supported - I wonder what this means in practical terms for Opera users. Anyone?



Are there any risks for requests getting intermingled when using oneconnect?





2 Replies

  • Hi Stefan,



    I expect any client that tries to pipeline requests would have them serialized on the serverside. Though I think that happens with an HTTP profile without OneConnect anyhow. You could test this fairly quickly using a client that has pipelining enabled.



  • The RFC:

       A client that supports persistent connections MAY "pipeline" its
       requests (i.e., send multiple requests without waiting for each
       response). A server MUST send its responses to those requests in the
       same order that the requests were received.

    In case you apply OneConnect it would be required to avoid connection pooling for pipelined requests. Otherwise there would be no way to demultiplex the server replies as there is no concept of message identifier in the http protocol, afaik.