KeepAlive Not Working as expected for a Reverse Proxy Scenario

Rajnesh Kumar Siwal rajnesh.siwal at gmail.com
Tue Apr 10 10:53:14 UTC 2012


Hi,

The KeepAlive Timeout is set to 2 hours, but we can see that the
connections start terminating after a few minutes.
The KeepAlive module does not seems to be behaving as expected.
The connections are created on port :343.
The configuration file nginx.conf is :-
-------------------------------------------------------------------
user              nginx;
worker_processes  16;
error_log  /var/log/nginx/error.log info;
pid        /var/run/nginx.pid;
events {
        #worker_connections  16192;
        #worker_connections  161920;
        worker_connections  40960;
        use epoll;
        multi_accept on;
}
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request"
'
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  7200 7200;
tcp_keepalive on;
tcp_keepcnt 10;
tcp_keepidle 3600;
tcp_keepintvl 1m;
    #gzip  on;

    #
    # The default server
    #
        server {
                listen 4443;
                server_name _;
                location /nginx_status {
  # copied from
http://blog.kovyrin.net/2006/04/29/monitoring-nginx-with-rrdtool/
                stub_status on;
                access_log   off;
                }
        }
    server {
        listen       80;
        server_name  _;
    #   keepalive_timeout  7200 7200;
        #charset koi8-r;
        access_log  logs/host.access.log  main;
        location / {
                proxy_pass      http://172.31.253.50:180/;
                include         /etc/nginx/proxy.conf;
        }
        }
        server {
        listen 443 ssl;
        ssl on;
        ssl_verify_client on;
        server_name _;
        ssl_certificate      /home/rsiwal/cps.chargepoint.net.crt;
        #ssl_client_certificate  /etc/httpd/certs/
chargepoint.net/server/certs/cps.chargepoint.net.crt;
        ssl_client_certificate  /home/rsiwal/chargepoint.net.crt;
        ssl_certificate_key  /home/rsiwal/cps.chargepoint.net.pem;
        location / {
                 proxy_pass      http://172.31.253.50:1443/;
                include         /etc/nginx/proxy.conf;
        }
        }
        server {
        listen 343 ssl;
        ssl on;
        ssl_verify_client on;
        server_name _;
        #ssl_session_cache shared:SSL:40m;    # Works fine upto 15K
        ssl_session_cache shared:SSL:70m;
        #######ssl_session_timeout 5m;     #
        ssl_session_timeout 120m;      #
tcp_keepalive on;
tcp_keepcnt 10;
tcp_keepidle 7200;
tcp_keepintvl 1m;
        access_log      logs/ssl-access.log main;
        error_log       logs/ssl-error.log debug;
        keepalive_requests    10000;
        #keepalive_disable none
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        client_header_timeout 300;
        client_body_timeout 300;
        ssl_certificate      /home/rsiwal/cps.chargepoint.net.crt;
        ssl_certificate_key  /home/rsiwal/cps.chargepoint.net.pem;
        ssl_client_certificate  /home/rsiwal/chargepoint.net.crt;
        location / {
                 proxy_pass      http://172.31.253.50:1343/;
                include         /etc/nginx/proxy.conf;
        }
        }
    include /etc/nginx/conf.d/*.conf;
}
-----------------------------------------------------------------------------------------------------------------------------

Thanks in advance

-- 
Regards,
Rajnesh Kumar Siwal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120410/96908704/attachment-0001.html>


More information about the nginx mailing list