Re: Mod_proxy Slow After a Week

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Jun 24, 2013 at 2:03 PM, Robert Gabriel <ephemeric@xxxxxxxxx> wrote:
> Hello all,
>
> We have:
>
> Apache 2.2.3
> CentOS 5.5 x86_64
> Splunk 5.0.2
>
> I only know the basics but Apache has been serving us very well with the
> below config
>
> and only after about a week did pages refresh very slowly, up to a minute to
> reload
>
> sometimes.
>
> I tailed both httpd and splunkd logs and saw a consistent delay of 30s
> between proxy
>
> and origin server (both on same host) along with plenty of 304s, followed by
> what
>
> appeared to be some timeout and then slowly the 200s started coming back in.
>
> A restart of httpd cleared up the issue.
>
> I'm lost, please help.
>
> Could this be a caching problem?
>
> Thank you.
>
> <VirtualHost *:443>
>         SSLEngine on
>         SSLCertificateFile      /etc/httpd/conf/server.crt
>         SSLCertificateKeyFile   /etc/httpd/conf/server.key
> 	SSLProxyEngine On
> 	SSLCACertificateFile	/etc/httpd/conf/gsoc.pem
> 	SSLProtocol all -SSLv2
> 	SSLVerifyClient require
> 	SSLVerifyDepth 1
> 	SSLOptions +StrictRequire
>
> 	RequestHeader set X-Remote-User %{REMOTE_USER}s
>
>         ServerName      dashboards.gsoc.co.za:443
> 	ServerAdmin	admin@xxxxxxxxxx
>         DocumentRoot    /srv/http/gdf/
>         CustomLog       /var/log/httpd/gdf/access combined
>         ErrorLog        /var/log/httpd/gdf/error
> 	LogLevel	debug
>
> 	ProxyRequests Off
> 	ProxyPreserveHost Off
> 	ProxyPass /gdf https://172.20.67.2:8000/gdf
> 	ProxyPassReverse /gdf https://172.20.67.2:8000/gdf
>
>        <Directory />
> 		SSLRequireSSL
>         	AllowOverride none
> 		AuthName "GDF"
> 		AuthType Basic
> 		AuthDigestProvider file
> 		AuthUserFile /etc/httpd/conf/passwd
> 		Require ssl-verify-client
> 		Require valid-user
> 		Require ssl
> 		Satisfy All
>         </Directory>
>
>         <Location /gdf>
> 		SSLRequireSSL
> 		AuthName "GDF"
> 		AuthType Basic
> 		AuthDigestProvider file
> 		AuthUserFile /etc/httpd/conf/passwd
> 		Require ssl-verify-client
> 		Require valid-user
> 		Require ssl
> 		Satisfy All
>         </Location>
> </VirtualHost>

30 seconds is the length of the default timeout in apache.
Unfortunately, that timeout is used in all sorts of cases, so it does
not tell us what is timing out.

As a rank guess, I would be going for DNS timeout myself. Do you have
HostnameLookups set to "On" or "Double", or using host names in ACLs?

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux