Re: QUIC and HTTP/3 roadmap blog post

On Tue, Jul 13, 2021 at 05:29:15PM +0530, Raminda Subashana wrote: > Hi Maxim, > > Just tested nginx-quic release and there is a performance issue. I compared > it with Cloudflare quic experimental release which is based on nginx 1.16. > > It is almost 3 times slower than 1.16. Below config worked

Re: QUIC and HTTP/3 roadmap blog post

14.07.2021 13:39, Raminda Subashana writes: Hi Vladimir, Please see below; details & herewith attached another detail report as a PDF. I tested with Magento 2.4.2 & below results based on it. PHP 7.4 on Ubuntu 20.04 LTS Hi Raminda, thank you for the feedback! can you please send full ngi

Re: QUIC and HTTP/3 roadmap blog post

13.07.2021 15:42, Marcin Wanat пишет: Hi Maxim, does Nginx have plans to adopt BBR as congestion control when using QUIC ? Regards, Marcin Wanat Hi Marcin Wanat, Short-term, there are no such plans. We still have plenty of things to do. Currently for congestion we use what is described in

Re: QUIC and HTTP/3 roadmap blog post

On Tue, Jul 13, 2021 at 06:55:14PM +1000, Mathew Heard wrote: > Hi Maxim, > > Really interesting read. > > Do you have any plans for resolving the SIGHUP causes session closure > issues that currently exist with nginx-quic? The closure of long lived > connections has been a thorn in the side of peo

Re: QUIC and HTTP/3 roadmap blog post

On Tue, Jul 13, 2021 at 05:29:15PM +0530, Raminda Subashana wrote: > Hi Maxim, > > Just tested nginx-quic release and there is a performance issue. I compared > it with Cloudflare quic experimental release which is based on nginx 1.16. > > It is almost 3 times slower than 1.16. Below config worked

Re: [QUIC][BUG] function 'ngx_hkdf_extract ' has memory leak when use OPENSSL but not BoringSSL.

On Tue, Mar 09, 2021 at 10:17:43PM -0500, lingtao.klt wrote: > In ngx_hkdf_expand, when use OPENSSL, the *pctx need to be free. > > > ``` > > static ngx_int_t > ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, > const uint8_t *prk, size_t prk_len, const u_char *info, size

Re: Seeking example of module using theadpool

On Mon, Mar 01, 2021 at 04:07:47AM -0500, dvhh wrote: > Hello, > > I have developed a module which perform long running calculations to produce > the output, unfortunately blocking the server thread from handling other > requests. I am looking at using threadpool, unfortunately there is no > exampl

Re: Nginx not retrying failed UDP message

On Thu, Jul 09, 2020 at 02:42:52PM -0400, harsh wrote: > Hi, > > We are using NGINX as Load Balancer for load balancing RADIUS UDP traffic. > > It seems NGINX is not retrying to send messages to another upstream server > if one of the upstream servers is down. > > We are using NGINX 1.16.1. But the

Re: How is the progress to support DTLS

On Tue, Sep 10, 2019 at 05:12:48AM -0400, everhardt wrote: > I have been using it for more than a year now for more than 500 IoT devices > with a cellular connection that connect on average about 4 times per day. My > experience has been very positive: easy to set up and no issues at all (both > fo

Re: FIPS support in nginx?

On Fri, Jun 14, 2019 at 02:26:49PM -0400, tlemons wrote: > Hi > > Does nginx have a 'FIPS mode'? If so, where can I find this documented? > > Thanks! > tl > nginx uses openSSL library for all cryptographic operations. Thus it is enough to turn on FIPS mode in the library. For example, here [1] are

Re: Redirect to external site

On Mon, Oct 01, 2018 at 12:22:59PM -0700, Brian W. wrote: > I have gotten the ldap setup working with their backend-sample-app.py file > properly and it displays the hello world message. What I cannot figure out > is how to redirect it to another url on another machine, as opposed to that > local p

Re: “max conns” in upstream is not working what I've expected;

On Tue, Aug 21, 2018 at 10:58:15PM -0400, jinsam.kim wrote: > Hello Super Heroes. > > I want to limit connections in a service. So I used max_conns directive in > upstream. > > But it allows twice connections as many as I've set. > > So, I suspected myself. Maybe… Am I used the direction in wrong w

Re: Routing based on ALPN

On Sun, Feb 25, 2018 at 08:16:18PM +0100, Wiktor Kwapisiewicz via nginx wrote: > >> Is there a way to access and save ALPN value to a variable? > > > > It should possible to parse the incoming buffer with > > https://nginx.org/r/js_filter and create a variable to make a routing > > decision on. >

Re: Nginx Directory Autoindex

On Fri, Mar 02, 2018 at 02:03:36PM +, James wrote: > On 02/03/2018 11:33, Luciano Mannucci wrote: > > >> I'd like the option of order by date, "ls -t", "ls -rt". This helps > >> because the text order of numbers is "10 11 8 9", see: > >> > >> http://nginx.org/download/ > > Well, this is way le

Re: Nginx Directory Autoindex

On Wed, Feb 28, 2018 at 07:03:22PM +0100, Luciano Mannucci wrote: > > Hello all, > > I have a directory served by nginx via autoindex (That works perfectly > as documented :). I need to show the content in reverse order (ls -r), > is there any rather simple method? > > Thanks in advance, Hello Luc

Re: DTLS patches

On Wed, Feb 21, 2018 at 10:44:00PM +0800, Wang Shanker wrote: > Hi, > > I noticed that you have introduced `ngx_event_udp_accept()`, which can > create a separate socket for receiving datagrams from a specific client. > I understand that it is necessary for DTLS servers. However I wonder > why it i

Re: DTLS patches

elaborate about your environment? Do you proxy DTLS stream directly to backend, or you perform DTLS offload ? What protocol are you using and which server/client software before/behind nginx? I'm attaching refreshed patch against nginx-1.13.9 for those who are interested to test. # HG changeset p

Re: DTLS patches

On Wed, Feb 21, 2018 at 12:18:27PM +0800, Wang Shanker wrote: > Hi, Vladimir > > `ngx_stream_ssl_init_connection` trys to set tcp_nodelay on the given > connection. > The following patch adds a test for the type of connection before set. > > Cheers, > > Miao Wang > > diff --git a/src/stream/ngx_st

Re: Routing based on ALPN

On Mon, Feb 19, 2018 at 12:02:06PM +0100, Wiktor Kwapisiewicz via nginx wrote: > Hello, > > I'm looking for a way to route traffic on port 443 based on ALPN value > without SSL termination. > > ssl_preread_module [1] does something similar but the only exposed > variable ($ssl_preread_server_name)

Re: DTLS patches

On Thu, May 18, 2017 at 10:29:16AM -0400, George wrote: > thanks for sharing. Is it necessary to compile with --with-debug ? > no, it will work without debug as well ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

DTLS patches

Hello all, For all those interested in testing DTLS support, experimental patch is now available at http://nginx.org/patches/dtls/ Check the README.txt for details . If you have any feedback, please report to this thread. ___ nginx mailing list nginx@n

Re: Proxying UDP: Preserve proxy port during DTLS handshake

On Wed, Apr 12, 2017 at 03:53:43PM -0400, SebK wrote: > Hello everyone, Hi Sebastian, [...] > > So my conclusive question is: Does nginx provide a way to preserve its > chosen dynamic port when forwarding udp packets? > No, currently it is not supported. See also http://mailman.nginx.org/piperma

Re: UDP TLS Termination

On Tue, Mar 28, 2017 at 12:25:35PM +0300, Vladimir Homutov wrote: > instead of normal DTLS. i meant SSL (TLS) of course. ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

Re: UDP TLS Termination

On Tue, Mar 28, 2017 at 05:18:54AM -0400, freel wrote: > Hi guys, > > We are interested in UDP TLS Termination, any updates about this feature? I > think I saw such topic on forum few moths ago, but I'm unable to find it > now. > Can you please describe your use-case? Which applications do you use

Re: Nginx reverse proxy for TFTP UDP port 69 traffic

On 08.03.2017 00:21, Eric Feldhusen wrote: I’m trying to use Nginx to reverse proxy TFTP UDP port 69 traffic and I”m having a problem with getting files through the nginx reverse proxy. My configuration is simple, I’m running TFTP on one Centos 6.x server and the Nginx reserve proxy on another C

Re: 答复: Re: having nginx listen the same port more than once

On Tue, Feb 14, 2017 at 04:09:10PM +0800, he.hailo...@zte.com.cn wrote: > now I understand the duplicate listen ports configured in the http > block can be used to implement virtual hosts. > > > but what's the purpose to allow this in the stream block? in my > practise (with 1.9.15.1), nginx will r

Re: stream module on 100% cpu load

03.01.2017 16:20, A. Schulze пишет: > > Hello, > > last days I setup a server to encapsulate DNS over TLS. > >- DNS-Server @localhost, Port 53 TCP >- NGINX Stream module on public IP, Port 853 TCP, SSL enabled. > > That work so far. > Now I thought to scan this setup using ssllabs.com >

Re: syslog not properly tagged

On Tue, Nov 10, 2015 at 11:08:44AM +0200, Avraham Serour wrote: > Hi, > > I have an ubuntu machine and installed nginx stable using the ppa (1.9.3) > > In my conf I'm sending the logs to syslog: > > access_log syslog:server=unix:/dev/log,tag=lenginx_access le_json; > error_log syslog:server=unix:/d

Re: Nginx response with persistence session and backend server failure

On Mon, Jul 27, 2015 at 12:40:04PM +0530, Bhuvan Gupta wrote: > Hello all, > > I was reading Nginx documentation > > on > persistence session using cookie and below is from documentati

Re: Nginx not logging to socket

On Wed, Jun 24, 2015 at 10:21:06AM -0400, Danomi Czaski wrote: > On Wed, Jun 24, 2015 at 10:00 AM, Vladimir Homutov wrote: > > On Wed, Jun 24, 2015 at 08:31:31AM -0400, Danomi Czaski wrote: > >> On Wed, Jun 24, 2015 at 7:03 AM, Vladimir Homutov wrote: > >> > On W

Re: Nginx not logging to socket

On Wed, Jun 24, 2015 at 08:31:31AM -0400, Danomi Czaski wrote: > On Wed, Jun 24, 2015 at 7:03 AM, Vladimir Homutov wrote: > > On Wed, Jun 24, 2015 at 06:12:49AM -0400, Danomi Czaski wrote: > >> Hello, > >> > >> On Sun, Jun 21, 2015 at 8:19 AM, And

Re: Nginx not logging to socket

On Wed, Jun 24, 2015 at 06:12:49AM -0400, Danomi Czaski wrote: > Hello, > > On Sun, Jun 21, 2015 at 8:19 AM, Andrew Holway > wrote: > > Hallo! > > > > Using rsyslog I have set up a logging socket and confirmed that its working > > by piping in some stuff to "logger -u /dev/log" > > nginx/1.8.0 doe

Re: Logging to syslog

On Thu, Feb 19, 2015 at 04:49:28AM -0500, scaarup wrote: > Hi all. > I am logging to syslog with the following configuration: > log_format custom '$remote_addr $remote_user ' > '"$request" $status $body_bytes_sent ' > '"$http_referer" "$http_u

Re: Thread support

On Tue, Jun 03, 2014 at 02:54:19AM -0400, nginxsantos wrote: > Hi, > > I am trying to run Nginx as a multi threaded application. Looking at the > code it seems the initial code to support multi threaded was there. May be > it got broken (as the error message says) or it was not developed to the > e

Re: Loadable runtime modules?

On Wed, Feb 19, 2014 at 06:15:55PM -0500, wardrop wrote: > Hi, > > I much prefer Nginx over Apache, and would use it as our primary HTTP server > at my place of work (as I already do for my personal sites), but the thing > that limits my willingness to do this is the fact that one must recompile >

Re: I translated "install" and "beginners guide" articles into japanese

On Tue, Nov 19, 2013 at 08:07:39PM +0900, Yuta MASUMOTO wrote: > Hi there, > I translated "install" and "beginners guide" articles into japanese. > > -- > Yuta MASUMOTO > Mail: ow...@club.kyutech.ac.jp > # HG changeset patch > # User Yuta MASUMOTO > # Date 1384857571 -32400 > # Tue Nov 19 19

Re: I translated document from English to Japanese

On Mon, Nov 18, 2013 at 11:49:14AM +0900, Yuta MASUMOTO wrote: > Hi there, > > I intersted in nginx, but Japanese documents is out of date, > so I will be translate documents from English to Japanese, > but I cannnot find information to translation. > > Right now, I created git repository what docu

Re: upstream max_fails disable

On Tue, Aug 13, 2013 at 12:36:25PM -0400, B.R. wrote: > Hello, > > On Tue, Aug 13, 2013 at 8:31 AM, Ruslan Ermilov wrote: > > > > > If there's a single server, max_fails and fail_timeout parameters > > are ignored, and such a server will never become temporarily down. > > > > ​That would be worth