slow connection on SSL port (TTFB)

Anoop Alias anoopalias01 at gmail.com
Wed Aug 7 11:30:43 UTC 2019


Do you see a large ttfb on a static html page ? , if an upstream like
proxy/fastcgi is involved and they are slow to respond the ttfb also will
be high

17K open/TIME_WAIT  -- investigate this as this dont seem normal

On Wed, Aug 7, 2019 at 3:46 PM neomaq <nginx-forum at forum.nginx.org> wrote:

> Hello
> there is a problem:
> slow connection to nginx server
>
> telnet server 443
> 1-8 random sec before TTFB
>
> all possible network stack tunings are applied, similar problems are not
> observed on other(non nginx) ports
>
> 32 vCPU   Intel(R) Xeon(R) CPU E5-2630 v4
> 96 GB RAM
> avg CPU load -20%
> 1 GB network (tested on local internal network)
>
> there are over 1400 virtual hosts with SSL
> the problem is observed during busy hours
>
> nginx:
> user www-data;
> worker_processes 64;
> pid /run/nginx.pid;
> worker_rlimit_nofile 16384;
> events {
>         use epoll;
>         worker_connections 16384;
>         multi_accept on;}
> http {
>         sendfile on;
>         tcp_nopush on;
>         tcp_nodelay on;
>         keepalive_timeout 65;
>         types_hash_max_size 2048;
>         server_names_hash_max_size 524280;
>         ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
>         ssl_prefer_server_ciphers on;
> }
> ----------------------------------------
> there are 5-15K  ESTANLISHED connections and over 17K open/TIME_WAIT ports
>
> What can be done to reduce the connection time to the server?
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,285142,285142#msg-285142
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>


-- 
*Anoop P Alias*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20190807/9a4e8e1b/attachment.html>


More information about the nginx mailing list