httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Gabriel <epheme...@gmail.com>
Subject Re: [users@httpd] Mod_proxy Slow After a Week
Date Mon, 24 Jun 2013 16:43:39 GMT
On 24 June 2013 18:27, Tom Evans <tevans.uk@googlemail.com> wrote:

> On Mon, Jun 24, 2013 at 2:03 PM, Robert Gabriel <ephemeric@gmail.com>
> wrote:
> > Hello all,
> >
> > We have:
> >
> > Apache 2.2.3
> > CentOS 5.5 x86_64
> > Splunk 5.0.2
> >
> > I only know the basics but Apache has been serving us very well with the
> > below config
> >
> > and only after about a week did pages refresh very slowly, up to a
> minute to
> > reload
> >
> > sometimes.
> >
> > I tailed both httpd and splunkd logs and saw a consistent delay of 30s
> > between proxy
> >
> > and origin server (both on same host) along with plenty of 304s,
> followed by
> > what
> >
> > appeared to be some timeout and then slowly the 200s started coming back
> in.
> >
> > A restart of httpd cleared up the issue.
> >
> > I'm lost, please help.
> >
> > Could this be a caching problem?
> >
> > Thank you.
> >
> > <VirtualHost *:443>
> >         SSLEngine on
> >         SSLCertificateFile      /etc/httpd/conf/server.crt
> >         SSLCertificateKeyFile   /etc/httpd/conf/server.key
> >       SSLProxyEngine On
> >       SSLCACertificateFile    /etc/httpd/conf/gsoc.pem
> >       SSLProtocol all -SSLv2
> >       SSLVerifyClient require
> >       SSLVerifyDepth 1
> >       SSLOptions +StrictRequire
> >
> >       RequestHeader set X-Remote-User %{REMOTE_USER}s
> >
> >         ServerName      dashboards.gsoc.co.za:443
> >       ServerAdmin     admin@gsoc.co.za
> >         DocumentRoot    /srv/http/gdf/
> >         CustomLog       /var/log/httpd/gdf/access combined
> >         ErrorLog        /var/log/httpd/gdf/error
> >       LogLevel        debug
> >
> >       ProxyRequests Off
> >       ProxyPreserveHost Off
> >       ProxyPass /gdf https://172.20.67.2:8000/gdf
> >       ProxyPassReverse /gdf https://172.20.67.2:8000/gdf
> >
> >        <Directory />
> >               SSLRequireSSL
> >               AllowOverride none
> >               AuthName "GDF"
> >               AuthType Basic
> >               AuthDigestProvider file
> >               AuthUserFile /etc/httpd/conf/passwd
> >               Require ssl-verify-client
> >               Require valid-user
> >               Require ssl
> >               Satisfy All
> >         </Directory>
> >
> >         <Location /gdf>
> >               SSLRequireSSL
> >               AuthName "GDF"
> >               AuthType Basic
> >               AuthDigestProvider file
> >               AuthUserFile /etc/httpd/conf/passwd
> >               Require ssl-verify-client
> >               Require valid-user
> >               Require ssl
> >               Satisfy All
> >         </Location>
> > </VirtualHost>
>
> 30 seconds is the length of the default timeout in apache.
> Unfortunately, that timeout is used in all sorts of cases, so it does
> not tell us what is timing out.
>
> As a rank guess, I would be going for DNS timeout myself. Do you have
> HostnameLookups set to "On" or "Double", or using host names in ACLs?
>
> Cheers
>
> Tom
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
We are not doing any hostname ACLs.

Forgive my limited knowledge, I did RTFM before replying to make sure I
understood
the intended config and no, we are not doing any.

"HostnameLookups Off"

How come a restart "fixes" the problem?

Thank you.

Mime
View raw message