| From: | Edoardo Innocenti - SDB Information Technology Srl <edoardo(dot)innocenti(at)tech(dot)sdb(dot)it> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org> |
| Subject: | R: SSL Compression doesn't work |
| Date: | 2015-01-03 13:53:24 |
| Message-ID: | DBXPR04MB397A2F911407E3EF6A0C4A8A35A0@DBXPR04MB397.eurprd04.prod.outlook.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Thanks Magnus, now compression works properly using pgsql client.
Da: Magnus Hagander [mailto:magnus(at)hagander(dot)net]
Inviato: venerdì 2 gennaio 2015 16:48
A: Edoardo Innocenti - SDB Information Technology Srl
Cc: pgsql-admin(at)postgresql(dot)org
Oggetto: Re: [ADMIN] SSL Compression doesn't work
On Fri, Jan 2, 2015 at 4:39 PM, Edoardo Innocenti - SDB Information Technology Srl <edoardo(dot)innocenti(at)tech(dot)sdb(dot)it<mailto:edoardo(dot)innocenti(at)tech(dot)sdb(dot)it>> wrote:
Hi,
I try to reduce bandwith use with ssl and compression. I create a test with:
1. CentOS release 6.6 (Final )x86_64
a. openssl-1.0.1e-30.el6_6.4.x86_64
b. kernel-2.6.32-504.1.3.el6.x86_64
2. PostgreSQL 9.3.5
a. postgresql93-libs-9.3.5-1PGDG.rhel6.x86_64
b. postgresql93-contrib-9.3.5-1PGDG.rhel6.x86_64
c. postgresql93-9.3.5-1PGDG.rhel6.x86_64
d. postgresql93-server-9.3.5-1PGDG.rhel6.x86_64
I configure a postgresql with SSL (http://www.postgresql.org/docs/9.3/static/ssl-tcp.htm), with self-signed certificate.
All work fine for SSL, but when I try to use the compression I didn’t find any difference monitoring traffic with tcdump.
These commands has the same network load (~1.1MB)
• psql "user=USER password=PASS host=HOST dbname=postgres sslmode=require sslcompression=1" -c "SELECT lpad('', 1024*1024, 'A');"
• psql "user=USER password=PASS host=HOST dbname=postgres sslmode=require sslcompression=0" -c "SELECT lpad('', 1024*1024, 'A');"
• psql "user=USER password=PASS host=HOST dbname=postgres sslmode=disable" -c "SELECT lpad('', 1024*1024, 'A');"
I believe this is because your distribution has decided to turn of SSL compression by default, and require you to set the OPENSSL_DEFAULT_ZLIB variable to turn it back on. See https://bugzilla.redhat.com/show_bug.cgi?id=857051 and https://rhn.redhat.com/errata/RHSA-2013-0587.html.
You need to set this variable both for the server and the client.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
This message is for the recipients only. If you receive it in error, please notify the sender and delete it together with any attachments. For any further information, including our privacy policy please refer to http://www.savinodelbene.com/privacy/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zheng, Wendy | 2015-01-04 06:52:28 | The quickest way to migrate database within the same cluster |
| Previous Message | Craig Ringer | 2015-01-02 23:30:36 | Re: PostgreSQL file system based restore from Linux to Windows |