Re: [BugDB] Performance issue (PR#723)
Hi Lutz...
I compile apache using...: (from mod_ssl dir)
export CFLAGS='-DHARD_SERVER_LIMIT=8192'; ./configure
--disable-rule=DEV_RANDOM --disable-rule=EXPAT --disable-rule=IRIXN32
--disable-rule=IRIXNIS --disable-rule=SHARED_CHAIN
--disable-rule=WANTHSREGEX --enable-module=most
--enable-module=mmap_static --enable-shared=max
--with-apache=../apache_1.3.26 --with-ssl=../openssl-0.9.6d
--prefix=/opt/apache-1.3.26
cd ../apache_1.3.26
make
and I have...:
denao@isherwood /opt/apache-1.3.26# bin/httpd -l
Compiled-in modules:
http_core.c
mod_so.c
suexec: disabled; invalid wrapper /opt/apache-1.3.26/bin/suexec
and at the conf, I call...:
LoadModule mmap_static_module libexec/mod_mmap_static.so
LoadModule config_log_module libexec/mod_log_config.so
#LoadModule mime_magic_module libexec/mod_mime_magic.so
LoadModule mime_modulelibexec/mod_mime.so
LoadModule status_module libexec/mod_status.so
LoadModule info_modulelibexec/mod_info.so
LoadModule imap_modulelibexec/mod_imap.so
LoadModule access_module libexec/mod_access.so
LoadModule expires_module libexec/mod_expires.so
LoadModule setenvif_modulelibexec/mod_setenvif.so
LoadModule negotiation_module libexec/mod_negotiation.so
#LoadModule vhost_alias_module libexec/mod_vhost_alias.so
LoadModule ssl_module libexec/libssl.so
The real strange thing here, is that those high loads never happens
using apache1.3.22 and mod_ssl 2.8.5... but any combination newer than
this, brings me a high load.
Best regards, and thank you so much for helping me out on this.
Denis.
On Sat, 2002-06-29 at 06:51, Lutz Jaenicke wrote:
> On Fri, Jun 28, 2002 at 11:25:09PM +0200, [EMAIL PROTECTED] wrote:
> > I tried with the prngd and exactly the same problem appeared.
>
> I don't think, that your problem has to do with random seeding.
> Even the built-in seeding should not cause significant load increases.
>
> What other modules or add-ons do you use? I know that there is at least
> one interaction between php4 and mod_ssl: child processes do not correctly
> shut down, when both modules are used.
>
> Best regards,
> Lutz
> --
> Lutz Jaenicke [EMAIL PROTECTED]
> http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> BTU Cottbus, Allgemeine Elektrotechnik
> Universitaetsplatz 3-4, D-03044 Cottbus
> __
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager[EMAIL PROTECTED]
>
--
Denis A.V.Jr. - [EMAIL PROTECTED]
Systems Engineer - ICQ 2524962
Universo Online
perl -e 'print "computers are like air-conditioners: they stop working
when you open windows ", pack("c*",hex
"3A",sqrt(2025),(unpack(c,"=")-20),10);'
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] Performance issue (PR#723)
On Fri, Jun 28, 2002 at 11:25:09PM +0200, [EMAIL PROTECTED] wrote: > I tried with the prngd and exactly the same problem appeared. I don't think, that your problem has to do with random seeding. Even the built-in seeding should not cause significant load increases. What other modules or add-ons do you use? I know that there is at least one interaction between php4 and mod_ssl: child processes do not correctly shut down, when both modules are used. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] Performance issue (PR#723)
Hi,
I tried with the prngd and exactly the same problem appeared.
=(
Regards
On Mon, 2002-06-24 at 05:52, Thomas Binder wrote:
> Hi!
>
> On Sat, Jun 22, 2002 at 01:49:12AM +0200, [EMAIL PROTECTED] wrote:
> > This caused a different behavior. I mean, it took a little while
> > (~3 minutes), to the loadav get high, and after a few minutes,
> > it got worse... the loadav reached ~60... Without the
> > "no-threads no-idea -fPIC" options at the openSSL compilation,
> > the high loadav is instantaneous.
> >
> > I can bring any information you need to debug this problem. Just
> > let me know what do you need.
>
> What kind of random seed do you use? As far as I know, IRIX has no
> /dev/random (nor /dev/urandom), so I might be a good idea to
> install prngd and let SSLRandomSeed point to its socket (using
> egd:/path/to/socket)
>
> This might already solve your problem.
>
>
> Ciao
>
> Thomas
> __
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager[EMAIL PROTECTED]
>
--
Denis A.V.Jr. - [EMAIL PROTECTED]
Systems Engineer - ICQ 2524962
Universo Online
perl -e 'print "computers are like air-conditioners: they stop working
when you open windows ", pack("c*",hex
"3A",sqrt(2025),(unpack(c,"=")-20),10);'
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] Performance issue (PR#723)
Hi Thomas,
I'll try that and send the results to the list.
thank you
On Mon, 2002-06-24 at 05:52, Thomas Binder wrote:
> Hi!
>
> On Sat, Jun 22, 2002 at 01:49:12AM +0200, [EMAIL PROTECTED] wrote:
> > This caused a different behavior. I mean, it took a little while
> > (~3 minutes), to the loadav get high, and after a few minutes,
> > it got worse... the loadav reached ~60... Without the
> > "no-threads no-idea -fPIC" options at the openSSL compilation,
> > the high loadav is instantaneous.
> >
> > I can bring any information you need to debug this problem. Just
> > let me know what do you need.
>
> What kind of random seed do you use? As far as I know, IRIX has no
> /dev/random (nor /dev/urandom), so I might be a good idea to
> install prngd and let SSLRandomSeed point to its socket (using
> egd:/path/to/socket)
>
> This might already solve your problem.
>
>
> Ciao
>
> Thomas
> __
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager[EMAIL PROTECTED]
>
--
Denis A.V.Jr. - [EMAIL PROTECTED]
Systems Engineer - ICQ 2524962
Universo Online
perl -e 'print "computers are like air-conditioners: they stop working
when you open windows ", pack("c*",hex
"3A",sqrt(2025),(unpack(c,"=")-20),10);'
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] Performance issue (PR#723)
Hi! On Sat, Jun 22, 2002 at 01:49:12AM +0200, [EMAIL PROTECTED] wrote: > This caused a different behavior. I mean, it took a little while > (~3 minutes), to the loadav get high, and after a few minutes, > it got worse... the loadav reached ~60... Without the > "no-threads no-idea -fPIC" options at the openSSL compilation, > the high loadav is instantaneous. > > I can bring any information you need to debug this problem. Just > let me know what do you need. What kind of random seed do you use? As far as I know, IRIX has no /dev/random (nor /dev/urandom), so I might be a good idea to install prngd and let SSLRandomSeed point to its socket (using egd:/path/to/socket) This might already solve your problem. Ciao Thomas __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[BugDB] Performance issue (PR#723)
Full_Name: Denis Almeida Vieira Junior Version: 2.8.9 OS: Solaris 2.7 Submission from: (NULL) (200.221.27.122) Hey there. I've been detecting some performance problems, since the version 2.8.6. Today, I'm testing with Apache 1.3.26 + mod_ssl 2.8.9 and openssl 0.9.6d. The configuration "Apache 1.3.22 + mod_ssl 2.8.5 + openssl 0.9.6b" and lower, works fine. So, here is the problem: Case 1) - "Apache 1.3.22 + mod_ssl 2.8.5 + openssl 0.9.6b". "Working fine, but apache vulnerable (chunk vuln) and (zlib problems). configuration: export CFLAGS='-DHARD_SERVER_LIMIT=8192'; ./configure --with-apache=../apache_1.3.22 --with-ssl=../../openssl-0.9.6b --disable-rule=DEV_RANDOM --disable-rule=EXPAT --disable-rule=IRIXN32 --disable-rule=IRIXNIS --disable-rule=WANTHSREGEX --enable-module=most --enable-module=mmap_static --enable-shared=ssl --enable-shared=max --prefix=/opt/apache1322 This case works fine. I stressed the server, with 150 threads, and the loadav was considerably (~4). Case 2) - "Apache 1.3.26 + mod_ssl 2.8.9 + openssl 0.9.6d". The perfect situation. No chunk exploit or zlib problems. configuration: export CFLAGS='-DHARD_SERVER_LIMIT=8192'; ./configure --with-apache=../apache_1.3.26 --with-ssl=../../openssl-0.9.6d --disable-rule=DEV_RANDOM --disable-rule=EXPAT --disable-rule=IRIXN32 --disable-rule=IRIXNIS --disable-rule=WANTHSREGEX --enable-module=most --enable-module=mmap_static --enable-shared=ssl --enable-shared=max --prefix=/opt/apache1326 This case unveils the performance issue. And the same happens with any version newer than the case 1. The same stress situation, under this condition, same config httpd.conf file, the server works on a ~40 loadav. In this case 2, I opened a new test, under the same conditions, but the compilation of the OpenSSL. I tried the "./config no-threads no-idea -fPIC" configuration and compilation options. This caused a different behavior. I mean, it took a little while (~3 minutes), to the loadav get high, and after a few minutes, it got worse... the loadav reached ~60... Without the "no-threads no-idea -fPIC" options at the openSSL compilation, the high loadav is instantaneous. I can bring any information you need to debug this problem. Just let me know what do you need. I really need a help here. I have problems upgrading my servers because the performance issue, and I need to, to fix the chunk and zlib problems. Any help would be gladly appreciated. B. Regards. Denis. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
