Sure. "valid=3s" This probably can be relaxed, yes. The intent was to prevent grouping too many connections on the same 8 or so IP's we get in a single DNS query. > ssl_session_cache shared:SSL:1m; > ssl_session_timeout 86400; This is a nice pointer, thank you. From nginx.org documentation "One megabyte of the cache contains about 4000 sessions." This should deby bdarbro - Nginx Mailing List - English
Oh, and SSLv3 enabled because of client firmware using an old stack, something I can do nothing about.by bdarbro - Nginx Mailing List - English
Yes. nginx-lua-prometheus Installed in /etc/nginx/nginx-lua-prometheus and included in that included prometheus config file.by bdarbro - Nginx Mailing List - English
I have nginx configured as a reverse proxy to Amazon's AWS IoT MQTT service. This was functioning well for almost 2 months, when suddenly 20 out of 32 instances of this stopped being able to connect upstream. We started seeing sporadic upstream SSL connection errors, followed by sporadic upstream connection refused, and then finally, mostly connection timeouts to upstream. Nothing short of a reby bdarbro - Nginx Mailing List - English