LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: Slow SSL

from [Horms] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Slow SSL
From: Horms <horms@xxxxxxxxxxxx>
Date: Thu, 24 Feb 2005 16:03:22 +0900 
On Wed, Feb 23, 2005 at 03:19:02PM -0600, LVS@xxxxxxxxx wrote:
> Horms wrote:
> 
> >On Mon, Feb 21, 2005 at 09:46:47PM -0600, Jeff Royal wrote:
> > 
> >
> >>I've added an SSL server to my realserver list.
> >>Here is an example of my ldirectord.cf
> >>
> >># Global Directives
> >>checktimeout=20
> >>checkinterval=10
> >>logfile="/var/log/ldirectord.log"
> >>quiescent=no
> >>
> >># Virtual Server for HTTP
> >>virtual=192.168.22.41:80
> >>       real=lweb1:80 masq
> >>       real=lweb2:80 masq
> >>       fallback=192.168.22.70:80
> >>       service=http
> >>       request="/us/index.jsp"
> >>       receive="working"
> >>       scheduler=wlc
> >>       persistent=1800
> >>       netmask=255.255.255.0
> >>       protocol=tcp
> >>       checktype=negotiate
> >>
> >># Virtual Server for HTTPS
> >>virtual=192.168.22.41:443
> >>       real=lweb3:443 masq
> >>       service=https
> >>       request="/test.ipage"
> >>       receive="working"
> >>       scheduler=wlc
> >>       persistent=1800
> >>       protocol=tcp
> >>       checktype=negotiate
> >>
> >>I can get to the server through https:// but the pages load very slowly 
> >>(~2 minutes compared to 4 seconds if I go directly to the realserver 
> >>address)
> >>
> >>I'm not sure where to start, as it works.
> >>   
> >>
> >
> >Try using something like tcpdump or ethereal to trace the packets on the
> >network and see what is going on.
> >
> > 
> >
> Thanks!!
> FIXED!!
> 
> Looking at a tcpdump I was able to see that during the load of the page 
> there were requests made to HTTP.
> Working with the developers we found some code that was hard coded to 
> port 80.  Removing that hard code the pages flew...
> 
> Last question.  There was a 20 second lag (looking at the tcpdump) each 
> time one of these (http) requests  were made.
> When one of these requests were made the LB had to switch to another 
> machine (as HTTP was not sent to this machine).
> Was the fact that we have a persistence setting causing the 20 second 
> lag or was the delay strictly in our Java application?
> I ask because I don't know if the 20 second "checktimeout" setting was 
> just a coincidence.

I suspect that the 20s timeout is the cause of the 20s frequency
of requests. If you really want to know you could try adding some
extra debugging statements to ldirectord.

-- 
Horms
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ldirectord and HTTP GET/HEAD [patch], Horms
Next by Date:  Re: ldirectord and HTTP GET/HEAD [patch], Volker Dormeyer
Previous by Thread:  Re: Slow SSL, LVS
Next by Thread:  Some issues on LVS-DR with Squid, Janno de Wit
Indexes:  [Date] [Thread] [Top] [All Lists]