Dear Colleague:
The Fifth International Conference on e-Technologies and Networks for
Development (ICeND2017)
http://sdiwc.net/conferences/5th-international-conference-
on-e-technologies-and-networks-for-development/
We invite you to attend and participate in the Fifth International
Conference o
> ab does not support TLS tickets (you can verify this with wireshark), so even
> if
> you do enable HTTP keepalive, the full TLS handshake has to be performed for
> each request.
>
> it's a poor tool to measure total potential throughout of HTTPS servers.
Now that you mention it I kind of remem
> Enabling keepalive on ab is one of the things you can do. I don't know
> ab, so not sure if there is a better way. I also do not know if ab supports
> SSL session caching or TLS tickets, which you would have to keep in
> mind when benchmarking.
ab does not support TLS tickets (you can verify th
On Sat, Nov 12, 2016 at 03:25:49AM +, Michael Power wrote:
Hi there,
> I have an nginx web server with two ip addresses. I want to connect to two
> upstream servers, where one upstream is configured to use one of the ip
> addresses and the other upstream is configured to use the second ip
> I'll do it but I guess the test will no longer be so relevant because I want
> to simulate different users.
Real user/browser DO keep-alive. Sendings thousands of requests per
second in dedicated TLS session is not what you would see in real life
from real users.
> Anyway, the question is in
Just to help those not knowing about -k option:
-k Enable the HTTP KeepAlive feature, i.e., perform multiple requests
within one HTTP session. Default is no KeepAlive
I'll do it but I guess the test will no longer be so relevant because I want
to simulate different users.
Anyway, the question
> I test on running ab command on the same host as nginx is.
Did you test with -k (keepalive) on or off?
Without -k means that ab will do handshake every time and you will be limited
by cpu and depending on the chosen cipher the performance (requests per second)
can vary a lot.
rr
I used https://mozilla.github.io/server-side-tls/ssl-config-generator/ in
order to configure the ssl part for my nginx:
https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.11.3&openssl=1.0.2g&hsts=yes&profile=intermediate
but with no OCSP Stapling, ssl_trusted_certificate
Oh, I forgot to mention that the setup included also:
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,270898,270900#msg-270900
___
nginx mailing list
nginx@nginx.org
http://mailman.ng
Because you have the TLS handshake that has to be done which is CPU bound
Try change things like ssl_ciphers (to something faster), and use
ssl_session_cache/
--
Best Regards,
Lucas Rolff
gigihc11 wrote:
Hi, I have:
nginx 1.11.3
Ubuntu 16.04.1 LTS
openssl 1.0.2g-1ubuntu4.5 amd64
libssl1.0.0
Hi, I have:
nginx 1.11.3
Ubuntu 16.04.1 LTS
openssl 1.0.2g-1ubuntu4.5 amd64
libssl1.0.0:amd64 1.0.2g-1ubuntu4.5
weak CPU: N3150
16 GB RAM
with this test-setup:
open_file_cache max=1000 inactive=360s;
open_file_cache_valid 30s;
I test on running ab command on the same host as nginx is.
For a 1.6K
11 matches
Mail list logo
