Re: slower connect from hostnossl clients
| От | Pavel Stehule |
|---|---|
| Тема | Re: slower connect from hostnossl clients |
| Дата | |
| Msg-id | CAFj8pRAMKF+Af3Ch22c4OiWNba5QPkasoq57RjXEhAKZ4TV2wQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: slower connect from hostnossl clients (Magnus Hagander <magnus@hagander.net>) |
| Список | pgsql-hackers |
2016-06-07 12:18 GMT+02:00 Magnus Hagander <magnus@hagander.net>:
On Tue, Jun 7, 2016 at 11:31 AM, Pavel Stehule <pavel.stehule@gmail.com> wrote:2016-06-07 11:29 GMT+02:00 Magnus Hagander <magnus@hagander.net>:On Tue, Jun 7, 2016 at 11:24 AM, Pavel Stehule <pavel.stehule@gmail.com> wrote:Is it expected behave?The ssl connection is slower, and it is expected. But when I configure pg_hba.conf to disable ssl via hostnossl, then ssl is not used, but the speed is similar to ssl.HiI am testing speed of connection to Postgres.That's definitely not expected behavior. hostnossl should turn off ssl which should turn off the overhead completely. Does it make a difference if you also disable it from the client side?When I explicitly disabled ssl, then I seen significantly less timeIntersting. Can you check with a network trace that it actually turns off ssl, so nothing is broken there?
I tested it on local only. The difference is +/- 5-10 ms, but it is well visible
My customer tested it on network, but on Windows, and there difference is about 100ms
Pavel
One thing that could be taking the time is an extra roundtrip -- e.g. it tries to connect with ssl fails and retries without. A network trace should also make this obvious, and can hopefully show you exactly where in the connection the time is spent.
See attached log
My pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
hostnossl all all 10.151.1.41/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
hostnossl all all 10.151.1.41/32 trust
# IPv6 local connections:
host all all ::1/128 trust
connection string
host=10.151.1.41 port=5432 dbname=postgres user=pavel
host=10.151.1.41 port=5432 dbname=postgres user=pavel
Regards
Pavel
--
Вложения
В списке pgsql-hackers по дате отправления: