On Wed, Feb 12, 2014 at 8:48 AM, Willy Tarreau <w...@1wt.eu> wrote: > Hi Ilya, > > On Wed, Feb 12, 2014 at 08:36:20AM +0100, Willy Tarreau wrote: > > > One last set of followup question on configuration and defaults: > > > - we allow the user to tune buffer sizes - that's great. > > > - we allow the user to adjust record sizes: assuming above logic is in > > > place, can we change the default size to start small by default? > > > > I'd rather not do it, at least now. The optimal small size will depend > > on the MSS and most likely on the ciphers. I'd fear that with a default > > small size, some users would experience a nasty behaviour with something > > like two small packets and a third almost empty one. When you send that > > to certain windows hosts, you can be subject to a 200ms pause because > > even if the last segment contains a PUSH flag. This could cause more > > questions here on the list. I'd rather document it or post some articles > > showing the difference in performance based on such settings, just like > > you do all the time. After all it's a global setting, so it's not hard > > to set once for all. Maybe if in the long run we see everybody set it > > to a similar value, we'll finally change the default setting. What I > > can do however is to add a build setting to force the default value, > > just like we do with the buffer size. That way you can update your > > package and deploy an "optimal-by-default" version :-) > > OK so I've done all this. Now you can set the default SSL maxrecord to > a smaller one at build time using DEFAULT_SSL_MAX_RECORD. Similarly, > you can set the idle timer using "tune.idletimer" in the global section, > it defaults to 1 second, and you can change this default at build time > using DEFAULT_IDLE_TIMER. > > All of this was just pushed. >
Woohoo! Big kudos to Emeric and yourself for all the hard work here. Looking forward to seeing this out in the wild! :-) ig
