Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

CFHTTP: first request fast, following slow

I'm having a lot of trouble with CF10's CFHTTP at the moment.

First, my test script:

<CFSET results = arraynew(1) />
<CFLOOP from="1" to="10" index="idx">
    <CFSET timer_start = getTickCount() />
    <CFHTTP url="https://www.google.de" method="get" result="test" />
    <CFSET arrayappend(results, (getTickCount()-timer_start)/1000 & " s") />
</CFLOOP>
<CFDUMP var="#results#" />

10 CFHTTP calls in a row, the time they take gets pushed to an array; that's all.

Results of our CF9 server:

CF9 CFHTTP TEST RESULTS

Results of our CF10 server:

CF10 CFHTTP TEST RESULTS

Results of our CF10 server with 5 sec delay between CFHTTP calls:

CF10 CFHTTP TEST RESULTS WITH DELAY BETWEEN CALLS

I already read on the forum and Shilpi's Blog that the reason could be that the Linux server runs out of entropy. I checked that with watch --interval=0.1 cat ... while my test script ran but it never dropped far under 4k (with rngd already installed).

Does anybody has another idea what I could try to fix this problem? Using /dev/urandom seems to be an insecure hack to me; so that's not an option (since CF10 server is production machine).

Thanks guys!

like image 290
Seybsen Avatar asked Oct 04 '13 14:10

Seybsen


1 Answers

While making a cfhttp call to a coldfusion server the apache httpclient library tries to generate a secure random number. It is an operation which depends on the "entropy" of the system.

In case of linux systems (mainly the ones which are freshly installed) it is observed that this operation can be quite time consuming because the system "entropy" is apparently quite low. Hence, as a consequence cfhttp calls will be slow.

Source: http://blogs.coldfusion.com/post.cfm/optimizing-cfhttp-calls-on-linux-systems

Solution: Add “-Djava.security.egd=file:/dev/./urandom” to your jvm-setting.

In the Adobe Forums, you find another thread with your problem and the same solution and a following link with further informations about the random number generator: http://forums.adobe.com/thread/1063806

There is no need for not using /dev/urandom as it is a secure solution: https://security.stackexchange.com/a/3939

like image 194
da_didi Avatar answered Sep 28 '22 09:09

da_didi