httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Galić <>
Subject Re: [users@httpd] Some VirtualHosts extremely slow, others very fast
Date Thu, 09 Dec 2010 19:41:17 GMT

----- "Craig A. James" <> wrote:

> I have found the trigger for my horrible performance problem, but it
> is surprising.
> Apache gets slow when there are too many "Allow from" directives, in
> this case, about 105 "Allow from" specs that are a mix of single IP
> addresses, partial IP address and netmasks:

105 allow froms shouldn't cause a 5 second delay.
Are you absolutely certain that you don't have HostnameLookups set
to something funny?

>    21.22.
> ... and so forth.  Note that there are *no* hostnames, just IP
> addresses and netmasks so it's not a DNS lookup problem.
> This is very consistent.  If we take out the "Allow from", Apache
> works.  If we add them back, the web site gets extremely slow.  But
> not for all users.  Only some customers see this problem; most have
> excellent performance all the time.
> When we run wireshark to analyze TCP/IP traffic with all 105 "Allow
> from" in place, it starts dropping TCP/IP ACK packets and having to
> resend a lot of data.  When we take the "Allow from" out, the TCP/IP
> communication is smooth and fast.

Check if there's any DNS traffic going on that shouldn't.

> Has anyone else run into this, and if so, how do you fix it?

Put access control policies like this -- if they are so many --
in iptables.

> This is on Apache 2.2.14 on Ubuntu 10.04.
> Thanks,
> Craig


Igor Galić

Tel: +43 (0) 664 886 22 883

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message