httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] Mod_proxy Slow After a Week
Date Mon, 24 Jun 2013 16:27:13 GMT
On Mon, Jun 24, 2013 at 2:03 PM, Robert Gabriel <ephemeric@gmail.com> wrote:
> Hello all,
>
> We have:
>
> Apache 2.2.3
> CentOS 5.5 x86_64
> Splunk 5.0.2
>
> I only know the basics but Apache has been serving us very well with the
> below config
>
> and only after about a week did pages refresh very slowly, up to a minute to
> reload
>
> sometimes.
>
> I tailed both httpd and splunkd logs and saw a consistent delay of 30s
> between proxy
>
> and origin server (both on same host) along with plenty of 304s, followed by
> what
>
> appeared to be some timeout and then slowly the 200s started coming back in.
>
> A restart of httpd cleared up the issue.
>
> I'm lost, please help.
>
> Could this be a caching problem?
>
> Thank you.
>
> <VirtualHost *:443>
>         SSLEngine on
>         SSLCertificateFile      /etc/httpd/conf/server.crt
>         SSLCertificateKeyFile   /etc/httpd/conf/server.key
> 	SSLProxyEngine On
> 	SSLCACertificateFile	/etc/httpd/conf/gsoc.pem
> 	SSLProtocol all -SSLv2
> 	SSLVerifyClient require
> 	SSLVerifyDepth 1
> 	SSLOptions +StrictRequire
>
> 	RequestHeader set X-Remote-User %{REMOTE_USER}s
>
>         ServerName      dashboards.gsoc.co.za:443
> 	ServerAdmin	admin@gsoc.co.za
>         DocumentRoot    /srv/http/gdf/
>         CustomLog       /var/log/httpd/gdf/access combined
>         ErrorLog        /var/log/httpd/gdf/error
> 	LogLevel	debug
>
> 	ProxyRequests Off
> 	ProxyPreserveHost Off
> 	ProxyPass /gdf https://172.20.67.2:8000/gdf
> 	ProxyPassReverse /gdf https://172.20.67.2:8000/gdf
>
>        <Directory />
> 		SSLRequireSSL
>         	AllowOverride none
> 		AuthName "GDF"
> 		AuthType Basic
> 		AuthDigestProvider file
> 		AuthUserFile /etc/httpd/conf/passwd
> 		Require ssl-verify-client
> 		Require valid-user
> 		Require ssl
> 		Satisfy All
>         </Directory>
>
>         <Location /gdf>
> 		SSLRequireSSL
> 		AuthName "GDF"
> 		AuthType Basic
> 		AuthDigestProvider file
> 		AuthUserFile /etc/httpd/conf/passwd
> 		Require ssl-verify-client
> 		Require valid-user
> 		Require ssl
> 		Satisfy All
>         </Location>
> </VirtualHost>

30 seconds is the length of the default timeout in apache.
Unfortunately, that timeout is used in all sorts of cases, so it does
not tell us what is timing out.

As a rank guess, I would be going for DNS timeout myself. Do you have
HostnameLookups set to "On" or "Double", or using host names in ACLs?

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message