Comments (2)
I have seen similar behavior while testing, where the number of active sessions (HTTPS) exceeds 500 (once it hits 501) causes the service to stop responding to requests. Waiting a little while will hard timeout some of the sessions, and the service becomes responsive again, but additional page loads will bring the active session count back to 501 and it becomes non-responsive again.
The session expiration appears to be broken from what I can tell - where sessions are expired extremely slow (1 per minute or more?) regardless of what the "session timeout" option is set to (I have it set to 15 seconds for testing).
My test configuration is pretty simple, with a single site running on httpd on the same server as relayd. Browsing a single test page (HTTPS page) with the word "Testing" copied a bunch of times appears to work fine. Holding down the F5 key to repeat load the page will cause the active session count to rise, up to 501, and then relayd stops responding to requests.
Note that relayctl works while this is happening, This is an example after it becomes non-responsive to additional HTTPS requests:
# relayctl show relay
Id Type Name Avlblty Status
1 relay httpsproxy active
total: 4344 sessions
last: 0/60s 4344/h 4344/d sessions
average: 0/60s 0/h 0/d sessions
I'd love to get this resolved since I would love to use relayd for all of our Layer 7 balancing, but we're stuck. Reyk - if you need any help testing, let me know. I'll be happy to help.
Eric
from relayd.
I forgot to mention that my testing was done with OpenBSD 5.7 (fresh install from ISO).
Also, it looks like relayd hung last night, causing 100% CPU utilization on all 4 processors.
Eric
from relayd.
Related Issues (18)
- relay http persistent connection HOT 1
- Relayd seems to strip away content from http payload. HOT 3
- SNI support HOT 2
- Better syntax errors
- relayd does not function with OpenSSL 1.1.x
- cannot match multiple URLs HOT 8
- Redirect host with specific url HOT 1
- relayd MITM/TLS Inspection does not currently appear to support SNI
- Different rules in one relay seem to be interfering when the [with tls] option is used.
- mixing HTTP and HTTPS forwards in one/two relays HOT 1
- Repo out of date?
- "relayctl host disable" only disables host for one port
- relayd can't load certificates HOT 2
- relayctl reload causes relayd to "hang" HOT 1
- Redirect in relayd? HOT 2
- Add support for ECDSA server certificates HOT 1
- IPv6 and SSL certificates HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from relayd.