In <[EMAIL PROTECTED]> Jeffrey Burgoyne
([EMAIL PROTECTED]) wrote:
JB> On Mon, 12 Jul 1999, Khimenko Victor wrote:
>> 12-Jul-99 08:13 you wrote:
>>
>> > After experienceing some "brownouts" in Stronghold SSL, I changed our web
>> > server to modssl last week. We saw a huge increase in performance (of
>> > course, the brownouts really dragged down the stats I expect) in the range
>> > of 50 to 80 percent.
>>
>> > Since our site is a very high profile government site, I tried to keep
>> > things as simple as possible for the cutover and left out the Shared
>> > Memory library. I can't find an over abundance of documentation on this
>> > feature and had some questions.
>>
>> > First off, does the cache apply to all http requests as well as https
>> > requests. I'm assuming it does, but its not too exact in the
>> > documentation.
>>
>> No it does not :-) AFAIK for now MM can be used only for SSL session cache.
>>
JB> Darn.
>> > Secondly, is there any configuration parameters to allow me to specify how
>> > much memory it uses. I'm generally running with about 300 Megs free.
>>
>> Yes, when you specify where to put SSL session cache and use MM you must
>> specify size of MM pool as well. You do not want it really big.
>>
>> > Any idea of what performance gain to expect? We get about 15000 real hits
>> > a day, about 60000 total (including graphics). About 10% of those are SSL.
>> > I need to justify why we want to make the change to the web server and
>> > even a rough idea is all my employers need to see.
>>
>> Usually you'll get only very slight gain in perfomance: you did not said
>> which OS you are using but in most modern OS'es with decent filesystem
>> cache gain will be small. Usage of MM is better from security standpoint
>> but will not you buy much from perfomance side. May be Ralf can add some
>> arguments "pro MM", of course...
JB> Running on a DEC Alpha (4.01 I believe).
JB> One last question. Does every hit to the cahce still result in a log entry
JB> being generated?
It must be so...
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
