Bad performance with static files + keepalive

Server NGINX
1

Hi List,

i have a strange performance-issue on a server that serves
static-files only (http + https), if files are bigger than 5k:

  • rps drops from 6500 rps (empty file) to 13 rps when requesting a file

5k

  • perftest with location /perftest/ is at 8000 rps (https) / 15000 rps
    (http)

  • perftest with empty.html is 6500 rps (https) / 13000 rps (http)

  • perftest with 5k script.js is 1500 rps (https) / 12000 rps (http)

  • perftest with 30k script.js is 13 rps (https) / 300 rps (http)

  • beside that bad performance we have a lot of complaints of
    slow servers and i can confirm that loading of these resouces takes up
    to 15
    seconds

  • OS is SLES11.2, system is a kvm virtual-machine, 2 cores, 1GB ram,
    270mb
    free, 420mb cached

  • fresh reboot

  • no iowait

  • no shortage of ram

  • error_log/debug shows nothing.

what i played with so far, with no improvements:

  • open_file_cache
  • keepalive_requests 10…100000
  • keepalive_timeout
  • sendfile/tcp_*
  • various ssl_ciphers (PFS is not needed here)
  • different nginx-version (os is 1.0.10, self-compiled is 1.4.2)

i’m scratching my head an am wondering: what did i missed?
there must be something … on similar setup with debian/ssl
we receive an average of 4000 rps for static files with
PFS-algos on.

ssl/config

worker_processes 2;

worker_rlimit_nofile 10000;

#error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

#pid /var/run/nginx.pid;

events {
worker_connections 1000;
use epoll;
multi_accept on;
}

http {
include mime.types;
default_type application/octet-stream;

#log_format  main  '$remote_addr - $remote_user [$time_local]

“$request”

# '$status $body_bytes_sent “$http_referer” ’
# ‘“$http_user_agent” “$http_x_forwarded_for”’;

access_log off;

sendfile        on;
tcp_nopush     on;
tcp_nodelay on;

send_timeout 15s;


#keepalive_timeout  0s;
keepalive_timeout  15s;
keepalive_requests  10;

server_tokens off;

open_file_cache max=1000 inactive=20s;
open_file_cache_valid    60s;
open_file_cache_min_uses 2;
open_file_cache_errors   on;

}

server {

ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1440m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers

ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM;

ssl_ciphers RC4:HIGH:!aNULL:!MD5;

#ssl_ciphers
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECD
HE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA2
56:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:E
CDHE-RSA-AES256-SHA:RC4-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!CBC:!EDH:!kEDH:!PSK:!SRP:!kECDH;

ssl_prefer_server_ciphers on;

ssl_ciphers HIGH:!aNULL:!MD5:!kEDH:!kECDH;

location / {
root /srv/htdocs/domain;
expires 1w;

}

location /perftest {
return 200;
}

regards & thanx in advance

Posted at Nginx Forum: