Reduce SSL buffers overhead
---------------------------
Key: DIRMINA-471
URL: https://issues.apache.org/jira/browse/DIRMINA-471
Project: MINA
Issue Type: Improvement
Components: Filter
Affects Versions: 1.1.4
Environment: NA
Reporter: Michael Matovsky
There is a significant overhead for SSL connections.
Investigation shows that every SSL connection requires an SSLHandler, which
contains 3 buffers:
- Two buffers for encrypted inbound and outbound packets, respectively.
- One buffer for decrypted application data
The buffer sizes are computed as follows:
Packet buffer size = the current size of the largest SSL/TLS packet that is
expected when using this session (SSLSession.packetBufferSize())
Application buffer size = 2 x packet buffer size
In Sun JSSE the SSLSession.packetBufferSize() equals to 16K, which implies a
total of 64K SSL buffer space per connection. For 10K active this means that
640MB of memory is required just for SSL buffers.
Such overhead really limits the number of concurrent connections an application
can support.
A possible resolution is to dynamically re-adjusting the buffer capacity, and
allowing to configure the initial buffer sizes.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
