This appears to be legitimate, I was able to reproduce it on an HP cloud
instance with the given parameters. The first 1000 actual requests
always finish, but after that all fail.

I notice these kernel messages:
[ 1131.976324] TCP: Possible SYN flooding on port 80. Dropping request.  Check 
SNMP counters.

But I don't think it is related.

I see this as well *sometimes*:

[Wed Jul 25 20:20:10 2012] [error] server reached MaxClients setting,
consider raising the MaxClients setting

But MaxClients is set to 1500 so I'm not sure what that is.

The one difference mod_ssl would introduce would be the use of shared
memory for statistical gathering. So maybe the stats are running into a
shm limit.

I tried raising shmall to 4194304, but that just slowed things down a
bit, it still fails right at 1000. I also tried raising shmmni to 8192,
and that did nothing. Same for doubling shmmax.

On comparing strace's with and without mod_ssl enabled, the problem most
likely lies with shared memory or semaphore opertaions, which only seem
to be happening with mod_ssl. I also tried adjusting the numbers in
/proc/sys/kernel/sem but that did not alleviate the problem.

Also its worth noting that 1000 processes is inefficient for more
reasons than just memory. Context switching at the process level will be
far more expensive than a threaded model. For that reason alone I've set
this to "Medium", as its really just not a great way to configure
apache.

** Tags added: precise

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1028470

Title:
  apache2+ssl hangs on high load

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1028470/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to