FIN/ACK closes upstream connection for HTTP, but not for HTTPS

Jeremy Apthorp nornagon at nornagon.net
Thu Feb 24 17:13:07 MSK 2011


I'm running nginx as a reverse proxy to do SSL and load balancing. The
upstream server behind nginx needs to know when the client closes the
connection.

If I turn ssl off, the connection looks like:

1. client connects to nginx
2. nginx connects to upstream
3. ...
4. client sends FIN/ACK to nginx
5. nginx sends FIN/ACK to upstream, and to client


With ssl on:

1. client connects to nginx
2. nginx connects to upstream
3. ...
4. client sends FIN/ACK to nginx
5. nginx waits 60 seconds
6. nginx sends FIN/ACK to upstream



What's going on here? Why does nginx wait for a timeout to send the FIN/ACK
upstream? Why does the behaviour change when I turn ssl on?


Thanks,
Jeremy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20110225/fee735a6/attachment.html>


More information about the nginx mailing list