Web ServersGeneric OverviewSlide 3Common FeaturesSlide 5Slide 6Additional FeaturesSlide 8Slide 9Origin of returned contentContent OriginPath translationSlide 13Slide 14PerformanceSlide 16Slide 17Load limitsSlide 19Overload causesSlide 21Slide 22Overload symptomsSlide 24Anti-overload techniquesSlide 26Slide 27Slide 28Historical notesSlide 30Slide 31Slide 32SoftwareSlide 34Slide 35StatisticsSlide 37Popular Web ServersApacheSlide 40Slide 41Apache HistoryHistorySlide 44FeaturesSlide 46Slide 47Slide 48UsageSlide 50Slide 51Slide 52Slide 53LicenseSlide 55Slide 56Microsoft IISIISHistory of IISSlide 60Slide 61SecuritySlide 63Slide 64Slide 65Slide 66Slide 67Authentication mechanismsSlide 69Internet Information Services 7.0Slide 71Slide 72Slide 73Slide 74Slide 75Slide 76Slide 77SummaryWeb ServersGeneric Overviewhttp://en.wikipedia.org/wiki/Web_serversWeb ServersA web server can be:A computer program Responsible for accepting HTTP requests from clients (web browsers)Returns HTTP responses with optional data contentsUsually web pagesHTML documentsLinked objects (images, etc.). A computer that runs a computer program which provides the above functionalityCommon FeaturesCommon FeaturesHTTP Accepts HTTP requests from a clientProvides HTTP responses to the clientTypically an HTML documentCan also be:Raw text fileImage Some other type of documentdefined by MIME-typesIf an error is found in the client request or while trying to serve the requestWeb server has to send an error responseMay include custom HTMLMay have text messages to better explain the problem to end users.Common FeaturesLogging Web servers keep detailed information to log files Client requestsServer responsesAllows the webmaster to collect dataRunning log analyzersAdditional FeaturesAuthenticationOptional authorization before allowing access to some or all resourcesRequires a user name and passwordHandleStatic contentDynamic content Support one or more related interfaces SSI, CGI, SCGI, FastCGI, JSP, PHP, ASP, ASP .NET, Server API such as NSAPI, ISAPI, etc.Additional FeaturesHTTPS support VIA SSL or TLSAllows secure (encrypted) connectionsUsing port 443 instead of port 80Content compressionI.e. by gzip encodingReduces the size of the responsesLower bandwidth usage, etc.Additional FeaturesVirtual hostingServe many web sites using one IP addressLarge file supportServe files greater than 2 GBTypical 32 bit OS restrictionBandwidth throttlingLimit the speed of responsesDo not saturate the networkAble to serve more clientsOrigin of returned contentWhere does it all come from?Content OriginThe origin of the content may be:StaticComes from an existing file pre-existing in a file system DynamicDynamically generated by some other programScriptApplication Programming Interface (API) called by the web serverStatic content is usually delivered much faster than dynamic content2 to 100 timesEspecially if the latter involves data pulled from a databasePath translationHow does it find it?Path translationWeb servers map the path component of a Uniform Resource Locator (URL) into:Local file system resourceStatic requestsInternal or external program nameDynamic requestsFor a static request the URL path specified by the client is relative to the Web server's root directoryPath translationConsider the following URL requested by a client:http://www.example.com/path/file.html Client's web browser translates it into a connection to www.example.com with the following HTTP 1.1 request:GET /path/file.html HTTP/1.1 Host: www.example.com The web server on www.example.com then appends the given path to the path of its root directoryOn Unix machines, this is commonly /var/www/htdocs. The result would then be the local file system resource:/var/www/htdocs/path/file.html Web server then reads the file, if it exists, and sends a response to the client's web browserResponse will describe the content of the file and contain the file itselfPerformancePerformanceWeb servers:Serve requests quicklyFrom more than one TCP/IP connection at a timeMain key performance parameters are:number of requests per seconddepends on the type of request, etc.latency response time in milliseconds for each new connection or requestthroughput in bytes per seconddepending on file size, cached or not cached content, available network bandwidth, etc.Measured under:Varying load of clientsVarying requests per clientPerformancePerformance parameters may vary noticeably depending on the number of active connectionsA fourth parameter is the concurrency level supported by a web server under a specific configurationSpecific server model used to implement a web server program can bias the performance and scalability level that can be reached under heavy load or when using high end hardwaremany CPUs, disks, etc.Load limitsLoad limitsWeb server (program) has defined load limitsIt can handle only a limited number of concurrent client connections per IP address (and IP port) Usually between 2 and 60,000Default between 500 and 1,000Can serve only a certain maximum number of requests per second depending on:its own settingsthe HTTP request typecontent origin (static or dynamic)whether the served content is or is not cachedthe hardware and software limits of the native OSWhen a web server is near to or over its limitsIt becomes overloaded and thus unresponsiveOverload causesOverload causesA sample daily graph of a web server's load, indicating a spike in the load early in the day.Overload causesAt any time web servers can be overloaded because of:Too much legitimate web trafficThousands or even millions of clients hitting the web site in a short interval of timeDDoS (Distributed Denial of Service) attacksComputer wormsAbnormal traffic because of millions of infected computers (not coordinated)XSS virusesMillions of infected browsers and/or web serversInternet web robotsTraffic not filtered / limited on large web sites with very few resources (bandwidth, etc.)Internet (network) slowdownsClient requests are served more slowly and the number of connections increases so much that server limits are reachedWeb servers (computers) partial
View Full Document