Hi Steve, Can you send us your configuration (anonymised if required). We also need your sysctls (at least the one you've modified).
Baptiste On Fri, Oct 11, 2013 at 4:43 AM, steve <[email protected]> wrote: > I have been working on trouble shooting Haproxy 1.5 dev 19 with SSL for the > last day or so on Cent OS 6.4 64bit. > > Lastest OpenSSL compiled 1.0.1e, recompiled haproxy with this make -s > TARGET=linux2628 USE_EPOLL=1 USE_OPENSSL=1 ARCH=x86_64 clean all > > SSL cert wild card, plus godaddy intermediate and our key. > > Our current set of issues we are seeing: > *Massive amounts of connection refused when running the test with ssl > *Very High usage of CPU on this 8 core 32 gig box with 100 gig ssd and 1gb > nic > *Maybe 1/4 the amount of traffic we can push though, compaired to a non ssl > test > > We are using Jmeter to load test and blazemeter to do up to 40k jmeter > threads for a full hour. > > Here is a list of the errors that are spit back after the test is done > Response codes > > response codecountresponse message > 400 29 Bad request > > Non HTTP response code: javax.net.ssl.SSLPeerUnverifiedException > 86069 Non HTTP response message: peer not authenticated > > Non HTTP response code: org.apache.http.conn.HttpHostConnectException 27229 > Non HTTP response message: Connection to https://xxxx.com:2222 refused > > Non HTTP response code: java.net.SocketException > 88 Non HTTP response message: Connection reset > > 4122 Precondition Failed > Non HTTP response code: org.apache.http.NoHttpResponseException270Non HTTP > response message: The target server failed to respond > > So this is what we are facing and we are not haproxy experts and think we > have taken it to the best of what we understand about haproxy config and > settings. > > special note: we do not have a web site on the backend, its user server for > an upcoming game we are working on so the stack is quite simple from haproxy > -> node.js --> db and back. > > Json data is posted to the user server and returned. > > >
