|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2010
/
2010-03
/
Re: [Pound Mailing List] TPROXY
[
Connection Timeouts / David W King ... ]
[
HTTPS Backend Config / Woon Khai Swen ... ]
Re: [Pound Mailing List] TPROXY
Falk Brockerhoff <nmc(at)smartterra.eu> |
2010-03-21 14:46:38 |
[ FULL ]
|
Hi there,
you would probably run into some kind of trouble with TPROXY and ListenHTTPS on
Pound... But for the rest it would be great - but not necessary for me at the
moment :)
Schönen Gruß aus Duisburg / Kind regards from Duisburg,
Falk Brockerhoff
smartTERRA Network Managment Center
[...]
|
|
|
Re: [Pound Mailing List] Connection Timeouts
Falk Brockerhoff <nmc(at)smartterra.eu> |
2010-03-21 14:41:29 |
[ FULL ]
|
Am 16.03.2010 um 17:02 schrieb Simon Matter:
[...][...]
Hm, is there a possibility to split the timeout for the answer for the client
and a second connection, only used for backend-availability checks? I have the
same problem and it would be very helpful for me, if I can specifiy an HTTP/1.0
Request on Port 80 on the ip address of the backend for availability check with
timeout 5s beside the normal access timeout for the client (which is 300s at
the moment and includes a HTTP/1.1 Header).
[...]
Schönen Gruß aus Duisburg / Kind regards from Duisburg,
Falk Brockerhoff
smartTERRA Network Managment Center
[...]
|
|
|
Re: [Pound Mailing List] Connection Timeouts
David W King <davidwk(at)goshen.edu> |
2010-03-25 17:05:56 |
[ FULL ]
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This ended up not being a pound issue at all but I thought I would
document the solution here for anyone having the same problems who
happens to stumble across the archives of this thread somewhere.
The issue was Firefox and OCSP. Our root CA doesn't yet support OCSP so
when Firefox would access anything via pound, it would issue the OCSP
request and then wait until that timed out (since the CA would never
respond) this led to 1) really slow page loads and 2) pound timing out
while waiting on the client since the client was waiting on the CA.
The quick solution: In Firefox go to about:config and change the value
of security.OCSP.enabled to 0. Firefox stops issuing OCSP requests and
the whole problem goes away.
The proper solution: convince your CA to support OCSP (good luck :)
David King
Goshen College ITS
davidwk(at)goshen.edu
574-535-7726
Falk Brockerhoff wrote:[...]
>>> TimeOut 30[...][...][...][...]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkurieQACgkQH+/Vg7DylXafPgCghMgYDLXkNkfmbMU9dXkNk888
UOkAn3o3wynGForbKl3vxmSZa/0dQ27r
=VNLS
-----END PGP SIGNATURE-----
|
|
|
|
