nchan
nchan copied to clipboard
slact
redis-backed nchan returning inconsistent response on consecutive requests
Hi,
We are experiencing inconsistent responses from a Redis-backed nchan server. Below are two requests executed right after each other with no delay. The responses are random, and you can get X times response before you get an empty one once in between. What could be the problem?
Here is the relevant nginx config:
nchan_shared_memory_size 2G;
upstream redis_server {
nchan_redis_server 'redis://:REDACTED@REDACTED';
}
location ~ "^/sub/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89aAbB][0-9a-fA-F]{3}-[0-9a-fA-F]{12})$" {
nchan_subscriber;
nchan_channel_id $1;
nchan_redis_pass redis_server;
nchan_subscribe_existing_channels_only on;
}
Here are two request attempts:
% curl -v -H "Accept: text/event-stream" -H "X-SUB-AUTH: B040tOGaVVMHUm3iiFRRZNC249Zqm5M0cYHZnuhRRfiRTBaAof0ZYHLI7o3FABpOHGpjylJ2yA3eieUJkeRe9Q==" https://REDACTED/sub/user
* Trying REDACTED...
* TCP_NODELAY set
* Connected to REDACTED (REDACTED) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=*.REDACTED
* start date: Nov 18 00:00:00 2020 GMT
* expire date: Nov 18 23:59:59 2021 GMT
* subjectAltName: host "REDACTED" matched cert's "*.REDACTED"
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
> GET /sub/user HTTP/1.1
> Host: REDACTED
> User-Agent: curl/7.64.1
> Accept: text/event-stream
> X-SUB-AUTH: B040tOGaVVMHUm3iiFRRZNC249Zqm5M0cYHZnuhRRfiRTBaAof0ZYHLI7o3FABpOHGpjylJ2yA3eieUJkeRe9Q==
>
< HTTP/1.1 200 OK
< Server: nginx
< Date: Thu, 11 Mar 2021 11:18:25 GMT
< Content-Type: text/event-stream; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Cache-Control: private, must-revalidate
< expires: -1
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Referrer-Policy: strict-origin-when-cross-origin
<
: hi
id: 1615461334:0
data: {"action":"expire_time_update","offer_guid":"0f721843-108d-4432-b709-889e3f09f1d9","expired_at":"2021-03-11T11:16:31.000000Z","expired_after":56}
id: 1615461336:0
data: {"action":"accept_another_driver","offer_guid":"0f721843-108d-4432-b709-889e3f09f1d9","bid_status":"ACCEPTED_ANOTHER_DRIVER"}
id: 1615461353:0
data: {"action":"expire_time_update","offer_guid":"61637dd5-88c8-4493-9962-70bc550dd149","expired_at":"2021-03-11T11:16:49.000000Z","expired_after":55}
id: 1615461392:0
data: {"action":"expire_time_update","offer_guid":"506830bb-5f14-4c8f-b8bc-2a2cd8856324","expired_at":"2021-03-11T11:17:28.000000Z","expired_after":55}
id: 1615461424:0
data: {"action":"expire_bid","bid_guid":"49f6c58e-dd8b-4f1a-8b72-aca0a03563e3"}
id: 1615461491:0
data: {"action":"expire_time_update","offer_guid":"15647462-1290-4f29-9ed8-80f043ac784a","expired_at":"2021-03-11T11:19:09.000000Z","expired_after":57}
id: 1615461493:0
data: {"action":"accept_another_driver","offer_guid":"15647462-1290-4f29-9ed8-80f043ac784a","bid_status":"ACCEPTED_ANOTHER_DRIVER"}
% curl -v -H "Accept: text/event-stream" -H "X-SUB-AUTH: B040tOGaVVMHUm3iiFRRZNC249Zqm5M0cYHZnuhRRfiRTBaAof0ZYHLI7o3FABpOHGpjylJ2yA3eieUJkeRe9Q==" https://REDACTED/sub/user
* Trying REDACTED...
* TCP_NODELAY set
* Connected to REDACTED (REDACTED) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=*.REDACTED
* start date: Nov 18 00:00:00 2020 GMT
* expire date: Nov 18 23:59:59 2021 GMT
* subjectAltName: host "REDACTED" matched cert's "*.REDACTED"
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
> GET /sub/user HTTP/1.1
> Host: REDACTED
> User-Agent: curl/7.64.1
> Accept: text/event-stream
> X-SUB-AUTH: B040tOGaVVMHUm3iiFRRZNC249Zqm5M0cYHZnuhRRfiRTBaAof0ZYHLI7o3FABpOHGpjylJ2yA3eieUJkeRe9Q==
>
< HTTP/1.1 200 OK
< Server: nginx
< Date: Thu, 11 Mar 2021 11:18:26 GMT
< Content-Type: text/event-stream; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Cache-Control: private, must-revalidate
< expires: -1
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Referrer-Policy: strict-origin-when-cross-origin
<
: hi
Yes, the problem is still present. We were forced to abandon the nchan after waiting so long (6 months) for you to check the server (we granted you access to the server as discussed) and you never followed up with the telegram chat.