Welcome to Centmin Mod Community
Become a Member

Nginx Optimizing TLS over TCP to reduce latency: TLS dynamic record sizing

Discussion in 'Nginx and PHP-FPM news & discussions' started by rdan, Jun 10, 2016.

  1. pamamolf

    pamamolf Premium Member Premium Member

    4,074
    427
    83
    May 31, 2014
    Ratings:
    +833
    Local Time:
    4:43 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Am i missing something?

    Result:

    NGINX_DYNAMICTLS ?

    I just update Centminmod to latest version and then i was recompile...

    Where is it?


    Or is it just a patch that will not output anything as a module does?
     
  2. eva2000

    eva2000 Administrator Staff Member

    54,126
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,739
    Local Time:
    12:43 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    It isn't something that shows up in nginx -V output.. it's just a patch. If you want to really see if it's working test in webpagetest.org/gtmetrix like Matt and I did and/or do tcpdump of the port 443 traffic for test requests and inspect in wireshark.
     
  3. knguyen2015

    knguyen2015 New Member

    11
    1
    3
    Aug 27, 2017
    Ratings:
    +1
    Local Time:
    9:43 PM
    1.12.1
    15.1
    I won't work with nginx 1.13.9 anymore.
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,126
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,739
    Local Time:
    12:43 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Which version of Centmin Mod you using 123.08stable or 123.09beta01 ? NGINX_DYNAMICTLS='y' option to enable Cloudflare Dynamic TLS Record Size patch on Nginx recompile with centmin.sh menu option 4 will only work with Centmin Mod 123.09beta01 based Nginx and not 123.08stable.

    What you mean it's not providing the performance savings it was before 1.13.9 or you mean wont' compile with the patch ? Works fine here with my Centmin Mod Nginx 1.13.9 install.

    At end of centmin.sh menu option 4 installs, you get a list of logs created including one for a time stamped patch nginx log which contains the following at /root/centminlogs/patch_patchnginx_250218-141920.log for patch details
    Code (Text):
    ######################################################################
    Patching Nginx for Dynamic TLS Size Support
    ######################################################################
    Cloudflare Nginx Dynamic TLS patch
    https://github.com/cloudflare/sslconfig/raw/master/patches/nginx__dynamic_tls_records.patch
    ######################################################################
    patch -p1 < /usr/local/src/centminmod/patches/cloudflare/nginx__dynamic_tls_records_1011005.patch
    patching file src/event/ngx_event_openssl.c
    Hunk #1 succeeded at 1174 (offset 43 lines).
    Hunk #2 succeeded at 1713 (offset 43 lines).
    Hunk #3 succeeded at 1849 (offset 43 lines).
    patching file src/event/ngx_event_openssl.h
    Hunk #1 succeeded at 60 with fuzz 1 (offset 6 lines).
    Hunk #2 succeeded at 95 (offset 6 lines).
    Hunk #3 succeeded at 108 (offset 6 lines).
    patching file src/http/modules/ngx_http_ssl_module.c
    Hunk #1 succeeded at 234 (offset 1 line).
    Hunk #2 succeeded at 594 (offset 26 lines).
    Hunk #3 succeeded at 664 (offset 26 lines).
    Hunk #4 succeeded at 858 (offset 26 lines).
    patching file src/http/modules/ngx_http_ssl_module.h
    

    Using Nginx 1.13.9