From d901149e4e54bf846f9b94b2729086768a7c1aa0 Mon Sep 17 00:00:00 2001 From: Sudheer Vinukonda Date: Thu, 14 May 2020 10:12:49 -0700 Subject: [PATCH 1/2] 1. Set a non-zero default value for TLS Client Handshake Timeout Update Docs to clarify that no activity timeouts will use default inactivity timeout value when they are set to 0 --- doc/admin-guide/files/records.config.en.rst | 8 ++++---- mgmt/RecordsConfig.cc | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 899f7a5ad55..25a6df4c64e 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -1246,8 +1246,8 @@ HTTP Connection Timeouts :overridable: Specifies how long |TS| keeps connections to clients open for a - subsequent request after a transaction ends. A value of ``0`` will disable - the no activity timeout. + subsequent request after a transaction ends. A value of ``0`` will set + `proxy.config.net.default_inactivity_timeout` as the timeout. See :ref:`admin-performance-timeouts` for more discussion on |TS| timeouts. @@ -1256,8 +1256,8 @@ HTTP Connection Timeouts :overridable: Specifies how long |TS| keeps connections to origin servers open - for a subsequent transfer of data after a transaction ends. A value of - ``0`` will disable the no activity timeout. + for a subsequent transfer of data after a transaction ends. A value of ``0`` will + `proxy.config.net.default_inactivity_timeout` as the timeout. See :ref:`admin-performance-timeouts` for more discussion on |TS| timeouts. diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc index b7c7fdc8bc7..57d1fb286e7 100644 --- a/mgmt/RecordsConfig.cc +++ b/mgmt/RecordsConfig.cc @@ -1150,7 +1150,7 @@ static const RecordElement RecordsConfig[] = , {RECT_CONFIG, "proxy.config.ssl.server.dhparams_file", RECD_STRING, nullptr, RECU_RESTART_TS, RR_NULL, RECC_NULL, nullptr, RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.handshake_timeout_in", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-65535]", RECA_NULL} + {RECT_CONFIG, "proxy.config.ssl.handshake_timeout_in", RECD_INT, "5", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-65535]", RECA_NULL} , {RECT_CONFIG, "proxy.config.ssl.cert.load_elevated", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_READ_ONLY} , From c90013485dcd507a58aa2855f3785bbbef194c1d Mon Sep 17 00:00:00 2001 From: Sudheer Vinukonda Date: Thu, 14 May 2020 11:07:09 -0700 Subject: [PATCH 2/2] Bump the timeout to 30 sec to account for multiple RTT (thanks Bryan) --- doc/admin-guide/files/records.config.en.rst | 2 +- mgmt/RecordsConfig.cc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/admin-guide/files/records.config.en.rst b/doc/admin-guide/files/records.config.en.rst index 25a6df4c64e..dae647dbf0f 100644 --- a/doc/admin-guide/files/records.config.en.rst +++ b/doc/admin-guide/files/records.config.en.rst @@ -1257,7 +1257,7 @@ HTTP Connection Timeouts Specifies how long |TS| keeps connections to origin servers open for a subsequent transfer of data after a transaction ends. A value of ``0`` will - `proxy.config.net.default_inactivity_timeout` as the timeout. + set `proxy.config.net.default_inactivity_timeout` as the timeout. See :ref:`admin-performance-timeouts` for more discussion on |TS| timeouts. diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc index 57d1fb286e7..41d13b21965 100644 --- a/mgmt/RecordsConfig.cc +++ b/mgmt/RecordsConfig.cc @@ -1150,7 +1150,7 @@ static const RecordElement RecordsConfig[] = , {RECT_CONFIG, "proxy.config.ssl.server.dhparams_file", RECD_STRING, nullptr, RECU_RESTART_TS, RR_NULL, RECC_NULL, nullptr, RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.handshake_timeout_in", RECD_INT, "5", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-65535]", RECA_NULL} + {RECT_CONFIG, "proxy.config.ssl.handshake_timeout_in", RECD_INT, "30", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-65535]", RECA_NULL} , {RECT_CONFIG, "proxy.config.ssl.cert.load_elevated", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_READ_ONLY} ,