https + large-file sending, sometimes fails
Igor Sysoev
is at rambler-co.ru
Tue Dec 18 12:58:24 MSK 2007
On Tue, Dec 18, 2007 at 08:49:30PM +1100, Dave Cheney wrote:
> Hi,
>
> We've been seeing this problem with large (10's of megabyte) static
> files being served from an NFS volume over https. We also use https in
> our application for cart and login screens but have not seen any
> errors of the type reported below. I tried a number of times to
> recompile nginx using different ssl libraries and different proxy
> configurations but ran our of time and removed the https download.
>
> The one clue that you've provided G?bor is NFS. I can reproduce the
> problem very easily so I will now try with the static files located on
> a local volume, not NFS.
No, the problem is between nginx and OpenSSL. It become apparent in NFS
environment, but the problem is not in NFS. I will investigate it soon.
> Cheers
>
> Dave
>
>
> On 18/12/2007, at 8:15 PM, G?bor Farkas wrote:
>
> >Igor Sysoev wrote:
> >>On Mon, Dec 17, 2007 at 03:56:39PM +0100, G??bor Farkas wrote:
> >>>Igor Sysoev wrote:
> >>>>On Mon, Dec 17, 2007 at 03:12:33PM +0100, G?bor Farkas wrote:
> >>>>
> >>>>>i am sending large (400mb) csv files using nginx, using https.
> >>>>>
> >>>>>sometimes not the whole file is served by nginx.
> >>>>>it simply closes the connection before the whole file is sent.
> >>>>>
> >>>>>
> >>>>>when such problems happen, the error-log contains this:
> >>>>>
> >>>>>2007/12/17 01:02:03 [crit] 21821#0: *864836 SSL_write() failed
> >>>>>(SSL: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write
> >>>>>retry) while sending response to client, client: 1.2.3.4,
> >>>>>server: www.example.com, URL: "/some/url/to/a.csv", upstream:
> >>>>>"http://internal -ip/some/auth/url/a.csv", host: "www.example.com"
> >>>>>
> >>>>>debian lenny (it has nginx 0.5.30-1)
> >
> >
> >hi,
> >
> >maybe i am completely wrong here, but:
> >
> >(on ubuntu gutsy and hardy):
> >
> >simply create a minimal https-serving nginx-config, serve a 200mb
> >file,
> >and try to fetch it from a different computer, using a lot of
> >concurrent-requests (something like "ab -n 1000 -c 100"),
> >and you will get the mentioned error.
> >
> >so, basically, any https-serving is broken.
> >
> >i find this very hard to believe, but i do not know what should i
> >change
> >in the test.
> >
> >(the packages:nginx-0.5.33, openssl-0.9.8g)
> >
> >any ideas why this happens?
> >
> >i attached the nginx.conf, and the site-config i used
> >(the nginx.conf is the default config from ubuntu)
> >
> >thanks,
> >gabor
> >
> >server {
> >
> > listen 443;
> > ssl on;
> > ssl_certificate /etc/nginx/certs/server.crt;
> > ssl_certificate_key /etc/nginx/certs/server.key;
> >
> >
> > access_log /var/log/nginx/access.log;
> >
> > location /gabor/ {
> > root /home/gabor/Desktop/nginx;
> > }
> >
> >}
> >user www-data;
> >worker_processes 1;
> >
> >error_log /var/log/nginx/error.log;
> >pid /var/run/nginx.pid;
> >
> >events {
> > worker_connections 1024;
> >}
> >
> >http {
> > include /etc/nginx/mime.types;
> > default_type application/octet-stream;
> >
> > access_log /var/log/nginx/access.log;
> >
> > sendfile on;
> > #tcp_nopush on;
> >
> > #keepalive_timeout 0;
> > keepalive_timeout 65;
> > tcp_nodelay on;
> >
> > gzip on;
> >
> > include /etc/nginx/sites-enabled/*;
> >
> >}
>
>
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list