Hi again everyone! Just posting a status update (because I hate coming across old threads with reports of a problem I'm experiencing, and there is no answer!) What I've found so far is starting to look like a Linux kernel bug that was fixed for ipv6, but still remains for ipv4! Here's the relevant discussion: https://groups.google.com/forum/?fromgroups=#!topic/linux_net/ACDB15QbHls
And thanks for making nginx awesome! :) On Tue, Mar 19, 2013 at 3:42 PM, Jay Oster <j...@kodewerx.org> wrote: > Hi Andrei! > > On Tue, Mar 19, 2013 at 2:49 AM, Andrei Belov <de...@nginx.com> wrote: > >> Hello Jay, >> >> If I understand you right, issue can be repeated in the following cases: >> >> 1) client and server are on different EC2 instances, public IPs are used; >> 2) client and server are on different EC2 instances, private IPs are used; >> 3) client and server are on a single EC2 instance, public IP is used. >> >> And there are no problems when: >> >> 1) client and server are on a single EC2 instance, either loopback or >> private IP is used. >> >> Please correct me if I'm wrong. >> > > If by "client" you mean nginx, and by "server" you mean our upstream HTTP > service ... That is exactly correct. You could also throw in another > permutation by changing where ApacheBench is run, but it doesn't change the > occurrence of dropped packets; only increases average latency when AB and > nginx are on separate EC2 instances. > > >> What about EC2 security group - do the client and the server use the same >> group? >> How many rules are present in this group? Have you tried to either >> decrease >> a number of rules used, or create "pass any to any" simple configuration? >> > > That's a great point! We have been struggling with the number of firewall > rules as a separate matter, in fact. There may be some relation here. Thank > you for reminding me. > > >> And just to clarify the things - under "external IP address" do you mean >> EC2 >> instance's public IP, or maybe Elastic IP? > > > I'm talking about the instance public IPs. Elastic IPs are only used for > client access to nginx. And specifically only for managing DNS. Between > nginx and upstream servers, the public IPs are used. >
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx