Hi Ilya, On Wed, Feb 12, 2014 at 08:36:20AM +0100, Willy Tarreau wrote: > > One last set of followup question on configuration and defaults: > > - we allow the user to tune buffer sizes - that's great. > > - we allow the user to adjust record sizes: assuming above logic is in > > place, can we change the default size to start small by default? > > I'd rather not do it, at least now. The optimal small size will depend > on the MSS and most likely on the ciphers. I'd fear that with a default > small size, some users would experience a nasty behaviour with something > like two small packets and a third almost empty one. When you send that > to certain windows hosts, you can be subject to a 200ms pause because > even if the last segment contains a PUSH flag. This could cause more > questions here on the list. I'd rather document it or post some articles > showing the difference in performance based on such settings, just like > you do all the time. After all it's a global setting, so it's not hard > to set once for all. Maybe if in the long run we see everybody set it > to a similar value, we'll finally change the default setting. What I > can do however is to add a build setting to force the default value, > just like we do with the buffer size. That way you can update your > package and deploy an "optimal-by-default" version :-)
OK so I've done all this. Now you can set the default SSL maxrecord to a smaller one at build time using DEFAULT_SSL_MAX_RECORD. Similarly, you can set the idle timer using "tune.idletimer" in the global section, it defaults to 1 second, and you can change this default at build time using DEFAULT_IDLE_TIMER. All of this was just pushed. Cheers, Willy
