[Bug 193221] New: net/relayd 100% cpu when answering TLS requests
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Sep 1 14:14:31 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193221
Bug ID: 193221
Summary: net/relayd 100% cpu when answering TLS requests
Product: Ports Tree
Version: Latest
Hardware: amd64
OS: Any
Status: Needs Triage
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: lists at rewt.org.uk
I'm using relayd-5.5.20140810 with the config below, when relayd receives a
request on TLS, the process consumes 100% cpu after the client sends a hello:
(ip addresses changed to protect the innocent)
ext_addr="10.0.0.1"
webhost1="192.168.0.1"
webhost2="192.168.0.1"
table <webhosts> { $webhost1 $webhost2 }
interval 10
timeout 200
prefork 5
log updates
http protocol http {
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value
"$SERVER_ADDR:$SERVER_PORT"
match request header set "Connection" value "close"
tcp { nodelay, sack, socket buffer 65536, backlog 128 }
ssl { no sslv2, sslv3, tlsv1, ciphers HIGH }
# ssl session cache disable
}
relay www {
listen on $ext_addr port 80
protocol http
forward to <webhosts> port http mode loadbalance check http "/" code
200
}
http protocol httpssl {
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value
"$SERVER_ADDR:$SERVER_PORT"
match request header set "Connection" value "close"
tcp { nodelay, sack, socket buffer 65536, backlog 128 }
ssl { no sslv2, sslv3, tlsv1, ciphers HIGH }
# ssl session cache disable
}
relay wwwssl {
listen on $ext_addr port 443 ssl
protocol httpssl
forward to <webhosts> port http mode loadbalance \
check http "/" code 200
}
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list