Large latency increase when using a resolver for proxy_pass

Maxim Dounin mdounin at mdounin.ru
Wed Mar 1 12:44:19 UTC 2017


Hello!

On Wed, Mar 01, 2017 at 07:32:03AM -0500, user384829 wrote:

> Hi,
> I am wanting to resolve upstream hostnames used for proxy_pass inline with
> the TTL of the DNS record but when I add this configuration the response
> from nginx is MUCH slower.
> I've run tcpdump and the upstream DNS record is be resolved and reresolved
> as TTL would dictate.
> But requests are slower even when the TTL has not expired and nginx is not
> attempting to resolve the record.
> 
> The difference is quite large: 0.3s vs 1s.
> 
> Measured like this:
> curl -w "%{response_code} %{time_total}\n" -s -o /dev/null
> 'http://my_nginx_host/api/something_something
> 
> 
> == Slow Configuration ===
> 
> resolver                  8.8.8.8 8.8.4.4 ipv6=off;
> server {
>     listen              80;
>     set $upstream_host https://my.upstream-host.com;
>     location ~ /api/ {
>         rewrite               /api/(.*) /$1 break;
>         proxy_pass            $upstream_host;
>     }
> }

[...]

> What am I missing here? Is it because the upstream host is using HTTPS? I am
> using version 1.11.10.

Yes.  You are using https and you are using dynamic address 
resolution, so SSL session caching doesn't work.

See detailed explaination in the response as send on this mailing 
list yesterday, 
http://mailman.nginx.org/pipermail/nginx/2017-February/053042.html.

-- 
Maxim Dounin
http://nginx.org/


More information about the nginx mailing list