Optimizing NGINX TLS Time To First Byte (TTTFB)
citrin at citrin.ru
Thu Dec 19 10:51:47 UTC 2013
On 12/19/13 04:50, Alex wrote:
> I remember reading (I believe it was in your (excellent) book! ;)) that
> upon packet loss, the full TLS record has to be retransmitted. Not cool
> if the TLS record is large and fragmented. So that's indeed a good
> reason to keep TLS records small and preferably within the size of a TCP
Why TCP retransmit for single lost packet is not enough (in kernel TCP stack,
whit is unaware of TLS record)?
Kernel on receiver side, should wait for this lost packet to retransmit, and
return data to application in same order as it was sent.
Big TLS record can add some delay for first byte (but not to last byte) in
decrypted page, but browser anyway can't render first byte of page, It need at
least some data.
More information about the nginx