My web server is a CentOS box thus:
[root ~]# uname -a Linux mbrc21 2.6.18-92.1.22.el5 #1 SMP Tue Dec 16 12:03:43 EST 2008 i686 athlon i386 GNU/Linux root ~]# rpm -q httpd httpd-2.2.3-22.el5.centos.2
My development and standby is on a Fedora box thus:
[root ~]# uname -a Linux mbrc32 2.6.23.17-88.fc7 #1 SMP Thu May 15 00:35:10 EDT 2008 i686 athlon i386 GNU/Linux [root@ ~]# rpm -q httpd httpd-2.2.8-1.fc7
They are close neighbors on my LAN.
Now I recently revised my httpd.conf making it somewhat more complex and adding ssl for part of it. Running the same configuration on both boxes, I find that the Fedora box runs rapidly, while the CentOS box is very slow.
Examining the situation with WireShark on both boxes I find that in responding to a simple GET, the CentOS box does a sequence of DNS queries to resolve the details of the location of the client IP address, whereas the Fedora box does no such thing. It ts these DNS queries that are causing the slow response.
Now if I revert to the old configuration, there is no such problem and WireShark shows that there are no DNS queries.
Advice on how to proceed would be much appreciated.
Thanks, Mike.
What did you revise in your httpd.conf file? My guess is that you enabled DNS lookups for the connecting clients.
On Mon, Aug 3, 2009 at 7:48 PM, Mike -- EMAIL IGNOREDm_d_berger_1900@yahoo.com wrote:
My web server is a CentOS box thus:
[root ~]# uname -a Linux mbrc21 2.6.18-92.1.22.el5 #1 SMP Tue Dec 16 12:03:43 EST 2008 i686 athlon i386 GNU/Linux root ~]# rpm -q httpd httpd-2.2.3-22.el5.centos.2
My development and standby is on a Fedora box thus:
[root ~]# uname -a Linux mbrc32 2.6.23.17-88.fc7 #1 SMP Thu May 15 00:35:10 EDT 2008 i686 athlon i386 GNU/Linux [root@ ~]# rpm -q httpd httpd-2.2.8-1.fc7
They are close neighbors on my LAN.
Now I recently revised my httpd.conf making it somewhat more complex and adding ssl for part of it. Running the same configuration on both boxes, I find that the Fedora box runs rapidly, while the CentOS box is very slow.
Examining the situation with WireShark on both boxes I find that in responding to a simple GET, the CentOS box does a sequence of DNS queries to resolve the details of the location of the client IP address, whereas the Fedora box does no such thing. It ts these DNS queries that are causing the slow response.
Now if I revert to the old configuration, there is no such problem and WireShark shows that there are no DNS queries.
Advice on how to proceed would be much appreciated.
Thanks, Mike.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Mon, 03 Aug 2009 20:11:09 -0400, Brian Mathis wrote:
What did you revise in your httpd.conf file? My guess is that you enabled DNS lookups for the connecting clients.
HostnameLookups Off
The changes were largely the removal of a lot of common code for <Directory>s and <VirtualHost>s to other files and the addition of Includes. I then tightened up some <RewriteRule>s and <RewriteCond>s, and added some <IfDefine> so I don't have to edit the file as often. And I added SSL for one virtual host, and bought a certificate.
Remember -- the httpd configuration and the web data itself are exactly the same on both boxes, except for the IP addresses.
Mike.
On Tue, Aug 04, 2009 at 12:33:38AM +0000, Mike -- EMAIL IGNORED wrote:
On Mon, 03 Aug 2009 20:11:09 -0400, Brian Mathis wrote:
What did you revise in your httpd.conf file? My guess is that you enabled DNS lookups for the connecting clients.
HostnameLookups Off
Precisely. This tells apache to do DNS lookups or not. By setting this "off" your log files will contain only IP addresses, and any CGI program called will only see IP addresses. If you set this on then apache will _for every request_ do a DNS lookup (maybe nscd will have cached it) and log the name.
Reverse DNS can be slow. It's strongly recommended that web servers leave this option off.
Mike -- EMAIL IGNORED wrote:
On Mon, 03 Aug 2009 20:11:09 -0400, Brian Mathis wrote:
What did you revise in your httpd.conf file? My guess is that you enabled DNS lookups for the connecting clients.
HostnameLookups Off
The changes were largely the removal of a lot of common code for <Directory>s and <VirtualHost>s to other files and the addition of Includes. I then tightened up some <RewriteRule>s and <RewriteCond>s, and added some <IfDefine> so I don't have to edit the file as often. And I added SSL for one virtual host, and bought a certificate.
Remember -- the httpd configuration and the web data itself are exactly the same on both boxes, except for the IP addresses.
Are you doing any proxy passthrough's or rewrites resulting in a proxy? Or client access permissions based on hostnames. These things might be specified in a .htaccess file. Also, remember that all the /etc/httpd/conf.d/*.conf files are included.
On Mon, 03 Aug 2009 20:23:18 -0500, Les Mikesell wrote:
[...]
Are you doing any proxy passthrough's or rewrites resulting in a proxy? Or client access permissions based on hostnames. These things might be specified in a .htaccess file. Also, remember that all the /etc/httpd/conf.d/*.conf files are included.
I did cd /etc/httpd/conf.d/; grep -i HostnameLookups *; . Anything else I should look for? There are no .htaccess files. I do use reverse proxy to access large files which at present are on the same box. However, the failure occurs on the home page which is a simple menu that doesn't call the reverse proxy. It does go through a rather complex CGI written in C++. However, for the home page, nothing complex happens; it is just passed through.
Thanks for your ideas.
Mike.
-
Brian Mathis -
Les Mikesell -
Mike -- EMAIL IGNORED -
Stephen Harris