Magnus Hagander escribió:
Tom Lane wrote:
Linos <info@xxxxxxxx> writes:
Tom Lane escribió:
That's just weird --- ssl off should be ssl off no matter which knob you
use to turn it off. Are you sure it's really off in the slow connections?
Maybe i am missing something, i use the same command to connect to it
from localhost "psql -d database -h localhost" and in the pcap files i
have captured the protocol it is clear (with "ssl = false" or "ssl =
true" either), but in the debian machine with "ssl = true" in
postgresql.conf you can see in the pcap file big time jumps between
data packets, psql commandline enables automatically ssl if the server
supports it?
Yeah, the default behavior is to do SSL if supported; see PGSSLMODE.
Non-TCP connections never do SSL, though. One possibility to check
is that one of the two distros has altered the default value of
PGSSLMODE.
IIRC, debian ships with a default certificate for the postgres
installation, so it can actually *use* SSL by default. I don't know if
other distros do that - I think most require you to actually create a
certificate yourself.
//Magnus
Yeah i have tested with PGSSLMODE environment and it makes the difference when
it is activated, debian ships with a cert that makes it enabled by default but
Arch Linux no, i get with wireshark in the data packets from postgresql
"unreassembled packet" so i thought that was the same but obviously one it is
using ssl and the other not, and before now i have not noticed but psql gives me
the hint that it is connect by ssl with the line "conexión SSL (cifrado:
DHE-RSA-AES256-SHA, bits: 256)" after connect, i did not know that ssl activated
would have this speed penalty, goes from 110 ms to 4200ms, Thanks Tom and Magnus
for the help.
Regards,
Miguel Angel.
--
Sent via pgsql-performance mailing list (pgsql-performance@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-performance
