From c6bd2b38d32183c6bafa3f5354d83f3acc71fb4f Mon Sep 17 00:00:00 2001 From: nik-localstack Date: Thu, 14 May 2026 21:56:40 +0300 Subject: [PATCH] fix(proxy): reduce SSL connection overhead by setting TCP_NODELAY Set TCP_NODELAY on both the client-facing and proxy-to-PostgreSQL sockets to disable Nagle's algorithm. PostgreSQL's connection startup involves rapid small-message exchanges (auth, parameter status, ready-for-query), and with SSL there are additional round trips for the SSLRequest handshake. Nagle's buffering was delaying these small packets by up to 40ms each, compounding into significant latency for workloads that open many short-lived connections. Measured improvement on 101 connections x 3 queries: SSL overhead reduced from +6s to +2s vs no-SSL baseline. Per-query overhead with connection reuse is unaffected (remains ~0s). Co-Authored-By: Claude Sonnet 4.6 --- postgresql_proxy/proxy.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/postgresql_proxy/proxy.py b/postgresql_proxy/proxy.py index ba8b31e..e3d17e9 100644 --- a/postgresql_proxy/proxy.py +++ b/postgresql_proxy/proxy.py @@ -71,6 +71,7 @@ def _create_pg_connection(self, address, context): redirect_config = self.instance_config.redirect pg_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + pg_sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) pg_sock.connect((redirect_config.host, redirect_config.port)) pg_sock.setblocking(False) @@ -130,6 +131,7 @@ def accept_wrapper(self, sock: socket.socket): # Accept the raw connection clientsocket, address = sock.accept() + clientsocket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) # On macOS, accepted sockets inherit O_NONBLOCK from the listening socket. # SSL negotiation uses blocking recv, so we must set blocking explicitly here. clientsocket.setblocking(True)