Discover Centmin Mod today
Register Now

Nginx Optimizing TLS over TCP to reduce latency: TLS dynamic record sizing

Discussion in 'Nginx and PHP-FPM news & discussions' started by rdan, Jun 10, 2016.

  1. pamamolf

    pamamolf Premium Member Premium Member

    3,826
    370
    83
    May 31, 2014
    Ratings:
    +712
    Local Time:
    10:56 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Am i missing something?

    Result:

    NGINX_DYNAMICTLS ?

    I just update Centminmod to latest version and then i was recompile...

    Where is it?

    Or is it just a patch that will not output anything as a module does?
     
  2. eva2000

    eva2000 Administrator Staff Member

    44,743
    10,200
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,809
    Local Time:
    5:56 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    It isn't something that shows up in nginx -V output.. it's just a patch. If you want to really see if it's working test in webpagetest.org/gtmetrix like Matt and I did and/or do tcpdump of the port 443 traffic for test requests and inspect in wireshark.
     
  3. knguyen2015

    knguyen2015 New Member

    11
    1
    3
    Aug 27, 2017
    Ratings:
    +1
    Local Time:
    3:56 AM
    1.12.1
    15.1
    I won't work with nginx 1.13.9 anymore.
     
  4. eva2000

    eva2000 Administrator Staff Member

    44,743
    10,200
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,809
    Local Time:
    5:56 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Which version of Centmin Mod you using 123.08stable or 123.09beta01 ? NGINX_DYNAMICTLS='y' option to enable Cloudflare Dynamic TLS Record Size patch on Nginx recompile with centmin.sh menu option 4 will only work with Centmin Mod 123.09beta01 based Nginx and not 123.08stable.

    What you mean it's not providing the performance savings it was before 1.13.9 or you mean wont' compile with the patch ? Works fine here with my Centmin Mod Nginx 1.13.9 install.

    At end of centmin.sh menu option 4 installs, you get a list of logs created including one for a time stamped patch nginx log which contains the following at /root/centminlogs/patch_patchnginx_250218-141920.log for patch details
    Code (Text):
    ######################################################################
    Patching Nginx for Dynamic TLS Size Support
    ######################################################################
    Cloudflare Nginx Dynamic TLS patch
    https://github.com/cloudflare/sslconfig/raw/master/patches/nginx__dynamic_tls_records.patch
    ######################################################################
    patch -p1 < /usr/local/src/centminmod/patches/cloudflare/nginx__dynamic_tls_records_1011005.patch
    patching file src/event/ngx_event_openssl.c
    Hunk #1 succeeded at 1174 (offset 43 lines).
    Hunk #2 succeeded at 1713 (offset 43 lines).
    Hunk #3 succeeded at 1849 (offset 43 lines).
    patching file src/event/ngx_event_openssl.h
    Hunk #1 succeeded at 60 with fuzz 1 (offset 6 lines).
    Hunk #2 succeeded at 95 (offset 6 lines).
    Hunk #3 succeeded at 108 (offset 6 lines).
    patching file src/http/modules/ngx_http_ssl_module.c
    Hunk #1 succeeded at 234 (offset 1 line).
    Hunk #2 succeeded at 594 (offset 26 lines).
    Hunk #3 succeeded at 664 (offset 26 lines).
    Hunk #4 succeeded at 858 (offset 26 lines).
    patching file src/http/modules/ngx_http_ssl_module.h
    

    Using Nginx 1.13.9