Hi
Most of the time when I see pound stutter during processing it is the result of DNS access/latency. Maybe there is some problems on your network with routing to the DNS servers? -- Jake From: Nino Fink, Contria GmbH [mailto:[email protected]] Sent: Thursday, April 9, 2015 9:01 AM To: [email protected] Subject: [Pound Mailing List] Pound 2.7 Hickups on OpenBSD 5.6 We are running Pound 2.7 on a OpenBSD 5.6 Sever, with LIbreSSL 2.1.6, as nologin user "_pound" in a jailed environment. The server itself runs on ESX 5.5 (Dell R620 2*8 Core 192GB Ram with a 20GBit backbone) The VM got 4 Cores, 4GB Ram, 16GB HDD and one NIC assigned. In busy times (100-200 users) our pound is experiencing hickups, which means, the server becomes unresponsive for 3-10 seconds, in this time no logs are written and no user is able to login via ssh. After this the server is fine(fast and responsive, the site gets delivered fast), we don`t see any sign of work overload using top and the vsphere utillities. What could be the cause for this behavior? our config: ________________________________________________________________________________ User "_pound" Group "_pound" RootJail "/path/pound/jail" #Control Socket Control "/path/pound.socket" # 0=none, 1=normal, 2=extended, 3=CLF, etc. LogLevel 5 # backend check interval (in seconds) Alive 5 # client timeout Client 5 # backend timeout TimeOut 300 ListenHTTP Address xxx.xxx.xxx.xxx Port 80 # 0=GET/POST/HEAD, 1+=PUT/DELETE, 2+=WebDAV, 3+=MS WebDAV, 4+=MS RPC xHTTP 0 #ErrPages Err414 "/path/414.html" Err500 "/path/500.html" Err501 "/path/501.html" Err503 "/anon/503.html" End ListenHTTPS Address xxx.xxx.xxx.xxx Port 443 # Zertifikatsfile wird vor dem chroot gelesen und im memory gehalten Cert "/path/anon.sha256.pem" Cert "/path/anon.org.sha256.pem" # 0=GET/POST/HEAD, 1+=PUT/DELETE, 2+=WebDAV, 3+=MS WebDAV, 4+=MS RPC xHTTP 0 #ErrPages Err414 "/path/414.html" Err500 "/path/500.html" Err501 "/path/501.html" Err503 "/anon/503.html" # CIPHER SSLHonorCipherOrder 1 Ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:DHE-RSA-DES-CBC3-SHA" End # web1.anon.org <http://web1.anon.org> Service HeadRequire "Host: (.?)*anon\.org.*" BackEnd Address xxx.xxx.xxx.xxx Port 80 End Session Type Cookie ID "PHPSESSID" TTL 10800 End End ___________________________________________________________________ Freundliche GrĂ¼sse Nino Fink -- Netzwerkabteilung Contria GmbH Steinackerweg 18 4901 Langenthal Tel. +41 62 919 07 90 Fax. +41 62 919 07 99 www.contria.ch <http://www.contria.ch>
