slow connection on SSL port (TTFB)
neomaq
nginx-forum at forum.nginx.org
Wed Aug 7 10:16:29 UTC 2019
Hello
there is a problem:
slow connection to nginx server
telnet server 443
1-8 random sec before TTFB
all possible network stack tunings are applied, similar problems are not
observed on other(non nginx) ports
32 vCPU Intel(R) Xeon(R) CPU E5-2630 v4
96 GB RAM
avg CPU load -20%
1 GB network (tested on local internal network)
there are over 1400 virtual hosts with SSL
the problem is observed during busy hours
nginx:
user www-data;
worker_processes 64;
pid /run/nginx.pid;
worker_rlimit_nofile 16384;
events {
use epoll;
worker_connections 16384;
multi_accept on;}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_names_hash_max_size 524280;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
}
----------------------------------------
there are 5-15K ESTANLISHED connections and over 17K open/TIME_WAIT ports
What can be done to reduce the connection time to the server?
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,285142,285142#msg-285142
More information about the nginx
mailing list