Found that new AWS type of instances have MTU 9001 by default and this causes erros with SSL packets: sometimes they are delayed and sometimes dropped. Setting MTU to 1500 helped to solve this issue.

quotation from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html:

The maximum transmission unit (MTU) for an instance depends on its instance type. The following instance types provide 9001 MTU (jumbo frames): CC2, C3, R3, CG1, CR1, G2, HS1, HI1, I2, and M3. The other instance types provide 1500 MTU (Ethernet v2 frames).)