Re: [AOLSERVER] Dossy's nsopenssl 3 beta testing

Fri, 13 Aug 2004 00:00:53 -0700 

Dossy Shiobara wrote:
> ..

Janine and others: do you have "SSLv2" in the list of protocols
configured in your server context for the nsopenssl module?


yes

If you do have SSLv2 in the protocols list and are still seeing the
problem, then I don't know what's wrong.  Once I set up the certificate
and key .pem files so that nsopenssl could load them, and added "SSLv2"
to the list, and configure the "maxinput" parameter correctly, I haven't
been able to reproduce the error.


hem. I Didn't have maxinput and recvwait configured for the /ssldriver

Now those have been added, aolserver4.0.7 nsopenssl3b21 boots without
crashing (usually during load of nssock.so).  However, instability still
exists with CPU demand excessive and often leading to a crash.

For example, on this VM on a Dual-Xeon 2.4Ghz 4Gig ram server running
freebsd-4.10-stable with 2 nsd:

aolserver3.4.2 using nsopenssl2.x production on port 80/443:  circa 2% cpu
aolserver4.0.7 using nsopenssl3b21 testonly on port 8000/8443: circa 95% cpu

duey# ps -auxww | grep aolserver
nobody   20804 91.8  1.8 91288 75020  ??  RsJ   4:35AM  23:09.00
/usr/local/aolserver4.0.7/bin/nsd8x -t
/var/lib/aolserver/service1/etc/config4.tcl -u nobody -g nobody -b
w.x.y.z:8000,w.x.y.z:8443 (nsd)
nobody   27056  0.4  6.0 255840 249272  ??  SsJ  Tue06AM  67:45.57
/usr/local/aolserver3.4.2/bin/nsd8x -t
/var/lib/aolserver/service1/etc/config.tcl -u nobody -g nobody

duey# grep 'GET /' service1-4.0.7-error.log | wc -l
      69
That's about 18 mainly ssl page requests in 20 min

Some of the CPU is probably from having $debug true. Here's a repeat
with $debug set false:

Ha! It crashed on startup without error msg. Last line in error.log:
[13/Aug/2004:05:34:46][26008.134533120][-main-] Notice: Loading
packages/acs-tcl/tcl/utilities-init.tcl...

Trying 1 more time..

listening on ports, no page requests yet on 4.0.7:
duey# ps -auxww | grep aol
nobody   35052  0.0  6.0 255840 249272  ??  SsJ  Tue06AM  68:25.46
/usr/local/aolserver3.4.2/bin/nsd8x -t
/var/lib/aolserver/service1/etc/config.tcl -u nobody -g nobody
nobody   65412  0.0  0.7 37064 28948  ??  SsJ   5:58AM   1:46.86
/usr/local/aolserver4.0.7/bin/nsd8x -t
/var/lib/aolserver/service1/etc/config4.tcl -u nobody -g nobody -b
w.x.y.z:8000,w.x.y.z:8443 (nsd)

a few mins and http+https page requests later:
duey# ps -auxww | grep aol
nobody   35052  0.0  6.0 255840 249300  ??  SsJ  Tue06AM  68:38.59
/usr/local/aolserver3.4.2/bin/nsd8x -t
/var/lib/aolserver/service1/etc/config.tcl -u nobody -g nobody
nobody   65412  0.0  1.5 73888 60096  ??  SsJ   5:58AM   1:50.19
/usr/local/aolserver4.0.7/bin/nsd8x -t
/var/lib/aolserver/service1/etc/config4.tcl -u nobody -g nobody -b
w.x.y.z:8000,w.x.y.z:8443 (nsd)

It is staying within optimal limits.  I will try it on the LAN for awhile.

Thanks, Dossy.


--
AOLserver - http://www.aolserver.com/

To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of 
your email blank.

Reply via email to