	4x *the mini multi-tasking HTTP/1.1 web-server*

Facilities and Features

Client Support

Authentication

Hosting

Extensibility

Robustness

Performance and Efficiency

Simplicity

List of Missing Features

Client Support

4x is a web-server that supports both HTTP/1.1 and HTTP/1.0 clients. It automatically detects and takes advantage of the following HTTP/1.1 facilities:

persistent connections with proper connection-management
support of client pipelining
If-Modified-Since conditional GETs
outgoing streaming using chunked transfer-encoding
100-Continue expectation processing

Authentication

On those host systems that provide the Pluggable Authentication Modules framework (Solaris, Linux, HP-UX, AIX, NetBSD, etc) 4x supports HTTP "Basic" client authentication, using PAM as the back-end database of user identities.

It does not yet support HTTP "Digest" authentication.

Hosting

4x does not yet provide "virtual-host" facilities (multiple separate sites sharing a single IP address).

However, it can run attached to either a single IP address, or to all addresses available on the server system, so it can be used to provide multiple separate web-sites from a single system, at the cost of running multiple copies (each attached to a single address). Full support for vistual hosts is a planned enhancement.

4x is not a proxy server, and is not intended to ever be such.

At the time of writing, 4x does not support SSL/TLS encryption (HTTPS).

Extensibility

4x can be run with an option to recognise a ".cgi" file-type, thus providing an extension mechanism through the CGI/1.1 protocol. Full support for both "Parsed-Headers" and "No-Parsed-Headers" CGI programs is provided.

If CGI support is enabled, a mandatory timeout must also be specified, to prevent runaway CGI programs from needlessly consuming server system resources.

Note: CGI programs are currently run under the same user-account that the web-server itself runs as, and should therefore be vetted for security implications, such as the ability to reach files outside the document-root.

Options to run CGIs under an explicitly designated user account, and to run in a "chroot" restricted environment, are being researched.

Robustness

Due to each client session being served by a single non-threaded dedicated process, 4x is naturally resistant to a number of problems, and restricts such problems to only the particular session that caused them.

By design, it does not suffer from address-space exhaustion, nor from memory-exhaustion due to overlarge fixed stack allocations, thread-races/collisions, and a number of other issues that can affect threaded servers; but it does so whilst still providing fully concurrent client sessions.

Due to its' simple multi-process mode of operation, a single process (session) crash, even though uinlikely, simply cannot bring down the entire web-server software, nor any other client session.

Also, because such a multi-process synchronous-I/O architecture has no internal race-conditions, it is much easier to reason about its' correctness even in the face of malformed inputs or malfunctioning clients. I am not claiming that 4x is completely bug-free, rather that its' architecture simply has less scope for bugs in the first place. Time will tell...

Performance and Efficiency

The downside to the aforementioned robustness and simplicity is that 4x will never be the absolute performance leader in terms of number of number of new connections per second. However, it does support a large number of concurrent clients, fundamentally limited only by the amount of physical memory and the maximum number of processes the host system allows.

256

System CPU CPU clock RAM Vintage O/S Max Simultaneous
Clients (without swapping)
Toshiba Satellite
CDT-4000 (laptop) Pentium-II 233 MHz 160 Mb 1998 Solaris 8 1113

SPARCstation-10 dual HyperSPARC 180 MHz 512 Mb 1996 Solaris 2.6 2242

System	CPU	CPU clock	RAM	Vintage	O/S	Max Simultaneous Clients (without swapping)
Toshiba Satellite CDT-4000 (laptop)	Pentium-II	233 MHz	160 Mb	1998	Solaris 8	1113
SPARCstation-10	dual HyperSPARC	180 MHz	512 Mb	1996	Solaris 2.6	2242

Care has been taken to ensure that the rate of new connections-per-second and throughput degrade gradually under load, rather than suddenly "falling off a cliff".

4x goes to some effort to avoid emmission of more network packets than necessary: it is not a "selfish" implementation in that way; and thus has reasonably good throughput on typical WAN (high-throughput, high-latency) networks.

Simplicitly

Relatively-Simple-Admin:

all configurable run-time options are expressed on the command-line.
server can be gracefully stopped by either SIGINT, SIGQUIT or SIGTERM signals, and automatically shuts down all child processes.
no need to adjust default per-process resource limits to run the server (server processes are small and use only 4 file-descriptors).
no need for system-level thread-stack-size tuning (a common problem for multi-threaded servers, esp. on 32-bit platforms).
error-logging to standard-error, so can be saved/discarded as desired.
access-logging to standard-output, so can be saved/discarded as desired.

"Missing" Features

Virtual-Host capability
Range requests and conditional range requests.
Support for IPv6.
Optional encrypted communication, via SSL/TLS.
"Digest" authentication, as per RFC2617.