Re: Strange latency
That's interesting, I would have never thought of that. I did run `tcpdump -i eth0 -w dns.pcap` (eth0 is the internet facing interface) and ran my site for a while but nothing matched a DNS request. I don't have something in front of the proxy towards the internet to listen on at the moment either but I will definitely keep that in mind for later, thanks. -a On Oct 26, 2010, at 5:52 PM, Hank A. Paulson wrote: > Just a guess, but is there something that might be doing reverse dns lookups > for each request when using haproxy? I find when I turn on tcpdump on port 53 > on a firewall or router, I and others are surprised at how much reverse > lookup traffic there is going on in any given environment. > > On 10/26/10 2:02 PM, Simon Green - Centric IT Ltd wrote: >> Don't think there's hasn't been any traffic on this thread, so I thought I'd >> just chip in and say we run HAProxy on ESX4.1 with Stunnel in front on the >> same server and Apache servers behind and don't experience anything like the >> latency you mention below. >> >> -Original Message- >> From: Ariel [mailto:ar...@bidcactus.com] >> Sent: 25 October 2010 18:45 >> To: haproxy >> Subject: Strange latency >> >> I am using Rackspace cloud servers and trying to convince my boss that we >> should be using haproxy instead of apache at our frontend doing load >> balancing. For the most part I have set up what I consider a fairly >> successful staging environment (I have working ACL's and cookie based >> routing). The problem however is that when I use haproxy as my load >> balancer my round-trip time for a request goes up by about 50ms. With >> apache as the proxy every request has RTT of ~50ms, but now they are at over >> 100ms. >> >> I am using the same backend servers to test both apache and haproxy, all >> configuration rules the same as I could make them (client side keep-alive >> enabled). Also for a comparison I also set up a quick nginx server to do >> its (very dumb) load balancing solution, and its results are at the same >> speed or better of apache. Also, even when apache is terminating SSL and >> forwarding it on, the RTT does not go up. All three software is running >> (one at a time) on the same virtual server, so I don't think it is that I >> got a bad VPS slice or something like that. >> >> Also, when I use stunnel in front of haproxy to terminate https requests, it >> adds another ~50ms to the total RTT. And if I have to make the request go >> through another stunnel to the backend (a requirement for PCI compliance), >> it adds another ~50ms again. So now using the site with SSL is over 300ms >> per request just from the start. That may not be *terrible* but the site is >> very interactive and calls one AJAX request per second to keep lots of >> things updated. For general users around the internet the site is going to >> appear unresponsive and slow... >> >> I was wondering if anyone using haproxy in a virtualized environment as ever >> experienced something like this? Or maybe some configuration options to try >> to debug this? >> >> -a >> >
Re: Strange latency
Just a guess, but is there something that might be doing reverse dns lookups for each request when using haproxy? I find when I turn on tcpdump on port 53 on a firewall or router, I and others are surprised at how much reverse lookup traffic there is going on in any given environment. On 10/26/10 2:02 PM, Simon Green - Centric IT Ltd wrote: Don't think there's hasn't been any traffic on this thread, so I thought I'd just chip in and say we run HAProxy on ESX4.1 with Stunnel in front on the same server and Apache servers behind and don't experience anything like the latency you mention below. -Original Message- From: Ariel [mailto:ar...@bidcactus.com] Sent: 25 October 2010 18:45 To: haproxy Subject: Strange latency I am using Rackspace cloud servers and trying to convince my boss that we should be using haproxy instead of apache at our frontend doing load balancing. For the most part I have set up what I consider a fairly successful staging environment (I have working ACL's and cookie based routing). The problem however is that when I use haproxy as my load balancer my round-trip time for a request goes up by about 50ms. With apache as the proxy every request has RTT of ~50ms, but now they are at over 100ms. I am using the same backend servers to test both apache and haproxy, all configuration rules the same as I could make them (client side keep-alive enabled). Also for a comparison I also set up a quick nginx server to do its (very dumb) load balancing solution, and its results are at the same speed or better of apache. Also, even when apache is terminating SSL and forwarding it on, the RTT does not go up. All three software is running (one at a time) on the same virtual server, so I don't think it is that I got a bad VPS slice or something like that. Also, when I use stunnel in front of haproxy to terminate https requests, it adds another ~50ms to the total RTT. And if I have to make the request go through another stunnel to the backend (a requirement for PCI compliance), it adds another ~50ms again. So now using the site with SSL is over 300ms per request just from the start. That may not be *terrible* but the site is very interactive and calls one AJAX request per second to keep lots of things updated. For general users around the internet the site is going to appear unresponsive and slow... I was wondering if anyone using haproxy in a virtualized environment as ever experienced something like this? Or maybe some configuration options to try to debug this? -a
RE: Strange latency
Don't think there's hasn't been any traffic on this thread, so I thought I'd just chip in and say we run HAProxy on ESX4.1 with Stunnel in front on the same server and Apache servers behind and don't experience anything like the latency you mention below. -Original Message- From: Ariel [mailto:ar...@bidcactus.com] Sent: 25 October 2010 18:45 To: haproxy Subject: Strange latency I am using Rackspace cloud servers and trying to convince my boss that we should be using haproxy instead of apache at our frontend doing load balancing. For the most part I have set up what I consider a fairly successful staging environment (I have working ACL's and cookie based routing). The problem however is that when I use haproxy as my load balancer my round-trip time for a request goes up by about 50ms. With apache as the proxy every request has RTT of ~50ms, but now they are at over 100ms. I am using the same backend servers to test both apache and haproxy, all configuration rules the same as I could make them (client side keep-alive enabled). Also for a comparison I also set up a quick nginx server to do its (very dumb) load balancing solution, and its results are at the same speed or better of apache. Also, even when apache is terminating SSL and forwarding it on, the RTT does not go up. All three software is running (one at a time) on the same virtual server, so I don't think it is that I got a bad VPS slice or something like that. Also, when I use stunnel in front of haproxy to terminate https requests, it adds another ~50ms to the total RTT. And if I have to make the request go through another stunnel to the backend (a requirement for PCI compliance), it adds another ~50ms again. So now using the site with SSL is over 300ms per request just from the start. That may not be *terrible* but the site is very interactive and calls one AJAX request per second to keep lots of things updated. For general users around the internet the site is going to appear unresponsive and slow... I was wondering if anyone using haproxy in a virtualized environment as ever experienced something like this? Or maybe some configuration options to try to debug this? -a
