Hi, I have a pretty normal loadbalancing setup (2 relayd-loadbalancer, 2 backend hosts). The loadbalancer accepts ssl-encrypted sessions and forwards them unencrypted to the backend-hosts. Because all the hosts are on the same LAN I set the global timeout-directive to 200ms.
When now connecting from a slow internet-connection to my service, I often receive a "SSL accept timeout". After changing the global timeout to 2000ms the problem disappears. The man-pages only says timeout limits the time for the checks of the backend-hosts but nothing about the SSL-handshake from clients. Can someone agree or disgree to my guess that timeout also limits the time for the SSL-handshake? Thanks, Till