Home / server / Questions / 784742
Accepted
harveyslash
Asked: 2016-06-18 23:32:58 +0800 CST

Reducing HTTPS handshake by http-keepalive behind a load balancer - possible?

  • 772

I have an api into which ill get quite a few requests in https. Since its restful, each time the api is sent , it requires a full ssl handshake. On enabling http-keepalive , the latency of the request is reduced greatly (first request takes same time, but subsequent requests are as fast as http).

Now, I was experimenting with amazon's elb (I will also use cloud front). My question is, how will keep alive work in the same setup , where the request coming from a client can be routed to different machines randomly ?
Or is it not possible at all to prevent an ssl handshake each time a request is made ?

load-balancing amazon-web-services keep-alive

1 Answers

  1. Best Answer

    Yes, AWS ELB will re-use open connections to backends when possible, while still trying to distribute the load as it's configured to do so. AWS even recommends this as a best practice in their docs:

    For HTTP and HTTPS listeners, we recommend that you enable the keep-alive option in your EC2 instances, which enables the load balancer to re-use the connections to your instances for multiple client requests. This reduces the load on your web server and improves the throughput of the load balancer. The keep-alive timeout should be at least 60 seconds to ensure that the load balancer is responsible for closing the connection to your instance.

    ETA: Note that the ELB doesn't actually hand a client connection off to a back-end. All requests between the client and the backend still get passed through the ELB in both directions. You can either have the ELB terminate SSL from the client (assuming that's HTTPS) and then creates or re-uses its own HTTPS connection (if configured to do so) to the backend, or you can choose to terminate SSL at the backend only.

    • 6