4

In Netty 4.0.x the default frame size for the WebSocketServerProtocolHandler is 65536 byte but you can set it as high as you want. The WebSocket protocol limits the size to 18,446,744,073,709,551,615 bytes. Is there a reason for that low frame size? Are DDOS-Attacks a reason for that behavior?

My Netty stack is as follows:

HttpServerCodec  
HttpContentCompressor  
HttpContentDecompressor  
HttpObjectAggregator(65536)  
WebSocketServerProtocolHandler(...,65536)  
...

Should I rather set the HttpObjectAggregator size to 18,446,744,073,709,551,615 to avoid the TooLongFrameException and leave the WebSocketServerProtocolHandler to 65536? What is best practice?

Community
  • 1
  • 1
Richard Burkhardt
  • 781
  • 7
  • 25
  • 1
    I'm not 100% familiar with Netty, but I would assume that is done to prevent overconsumption of memory (and in a way to prevent a [self-]DOS attack). If you need more, I would try to increase it only on the websockets that require a bigger frame size. – Augusto May 13 '16 at 10:11
  • the problem is that you cannot configure browsers to use continuation frames at a certain fame size. something like auto-chunking is not possible. You need to extend you business logic to handle that. Why such a small limit? 64k is nothing. Imagine you want to upload an image. – Richard Burkhardt May 13 '16 at 10:16
  • 1
    websockets werent made for actual data transfer - clearly, they were intended for messaging / signalling systems. If you're transferring actual data via websocket you're doing it wrong. – specializt May 13 '16 at 10:25
  • @RichardBurkhardt Your question embodies a contradiction in terms. You state that the *default* is 65535, not the maximum, and you present zero evidence that Netty doesn't allow a larger size. – user207421 May 14 '16 at 10:27
  • @EJP Thank you, I changed the question. Now it should be clear that you can actually set the size to what ever size you want. – Richard Burkhardt May 14 '16 at 16:08

0 Answers0