On 11/7/07, Michael Matovsky <[EMAIL PROTECTED]> wrote: > > We are observing a significant overhead for SSL connections. > From our investigation, every SSL connection requires an SSLHandler, which > contains 3 buffers: > - Two buffers for encrypted inbound and outbound packets, respectively. > - One buffer for decrypted application data > > The buffer sizes are computed as follows: > Packet buffer size = the current size of the largest SSL/TLS packet that is > expected when using this session (SSLSession.packetBufferSize()) > Application buffer size = 2 x packet buffer size > > In Sun JSSE the SSLSession.packetBufferSize() equals to 16K, which implies a > total of 64K SSL buffer space per connection. For 10K active this means that > 640MB of memory is required just for SSL buffers. > > Such overhead really limits the number of concurrent connections an > application can support. Is there any way to reduce this overhead? Or is > this a known limitation?
I think we can resolve this issue by dynamically re-adjusting the buffer capacity. (or allocation-on-demand?) Could you open a JIRA issue? http://issues.apache.org/jira/browse/DIRMINA Thanks, Trustin -- what we call human nature is actually human habit -- http://gleamynode.net/ -- PGP Key ID: 0x0255ECA6
