slow connection on SSL port (TTFB)
Anoop Alias
anoopalias01 at gmail.com
Wed Aug 7 11:30:43 UTC 2019
Do you see a large ttfb on a static html page ? , if an upstream like
proxy/fastcgi is involved and they are slow to respond the ttfb also will
be high
17K open/TIME_WAIT -- investigate this as this dont seem normal
On Wed, Aug 7, 2019 at 3:46 PM neomaq <nginx-forum at forum.nginx.org> wrote:
> Hello
> there is a problem:
> slow connection to nginx server
>
> telnet server 443
> 1-8 random sec before TTFB
>
> all possible network stack tunings are applied, similar problems are not
> observed on other(non nginx) ports
>
> 32 vCPU Intel(R) Xeon(R) CPU E5-2630 v4
> 96 GB RAM
> avg CPU load -20%
> 1 GB network (tested on local internal network)
>
> there are over 1400 virtual hosts with SSL
> the problem is observed during busy hours
>
> nginx:
> user www-data;
> worker_processes 64;
> pid /run/nginx.pid;
> worker_rlimit_nofile 16384;
> events {
> use epoll;
> worker_connections 16384;
> multi_accept on;}
> http {
> sendfile on;
> tcp_nopush on;
> tcp_nodelay on;
> keepalive_timeout 65;
> types_hash_max_size 2048;
> server_names_hash_max_size 524280;
> ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
> ssl_prefer_server_ciphers on;
> }
> ----------------------------------------
> there are 5-15K ESTANLISHED connections and over 17K open/TIME_WAIT ports
>
> What can be done to reduce the connection time to the server?
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,285142,285142#msg-285142
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
--
*Anoop P Alias*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20190807/9a4e8e1b/attachment.html>
More information about the nginx
mailing list