HTTP.SYS Kernel mode driver

Question

What is the big deal with HTTP.SYS in IIS 7?

From what I understand, it is low level which is good for security. Why?

There is no context switching which could be expensive. Why?

Please explain.

Thanks!

Answer 1

The benefits are already well documented,

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/a2a45c42-38bc-464c-a097-d7a202092a54.mspx?mfr=true

By using HTTP.sys to process requests, IIS 6.0 delivers the following performance enhancements:

• Kernel-mode caching. Requests for cached responses are served without switching to user mode.
• Kernel-mode request queuing. Requests cause less overhead in context switching, because the kernel forwards requests directly to the correct worker process. If no worker process is available to accept a request, the kernel-mode request queue holds the request until a worker process picks it up.

Using HTTP.sys and the new WWW service architecture provides the following benefits:

• When a worker process fails, service is not interrupted; the failure is undetectable by the user because the kernel queues the requests while the WWW service starts a new worker process for that application pool.
• Requests are processed faster because they are routed directly from the kernel to the appropriate user-mode worker process instead of being routed between two user-mode processes.

http://learn.iis.net/page.aspx/101/introduction-to-iis-7-architecture/

HTTP.sys provides the following benefits:

• Kernel-mode caching. Requests for cached responses are served without switching to user mode.
• Kernel-mode request queuing. Requests cause less overhead in context switching because the kernel forwards requests directly to the correct worker process. If no worker process is available to accept a request, the kernel-mode request queue holds the request until a worker process picks it up.
• Request pre-processing and security filtering.