Re: SSL best option for new deployments

2011-12-13 Thread Brane F. Gračnar
On 12/13/2011 09:02 PM, John Lauro wrote: Been using haproxy for some time… but have not used it with SSL yet. I do need to preserve the IP address of the original client. So either transparent (is that possible when going through stunnel or other and haproxy on the same box), or

RE: SSL best option for new deployments

2011-12-13 Thread David Prothero
On 12/13/2011 09:02 PM, John Lauro wrote: Been using haproxy for some time… but have not used it with SSL yet. I do need to preserve the IP address of the original client. So either transparent (is that possible when going through stunnel or other and haproxy

Re: SSL best option for new deployments

2011-12-13 Thread Brane F. Gračnar
On 12/13/2011 10:43 PM, David Prothero wrote: I've been using stunnel with the X-Forwarded-For patch. Is stud preferable to stunnel for some reason? Stunnel usually uses thread-per-connection architecture - as you probably know this programming model has serious scaling issues. Stud is

RE: SSL best option for new deployments

2011-12-13 Thread John Lauro
, newer version of stunnel probably perform better. -Original Message- From: Brane F. Gračnar [mailto:brane.grac...@tsmedia.si] Sent: Tuesday, December 13, 2011 5:21 PM To: David Prothero Cc: John Lauro; haproxy@formilux.org Subject: Re: SSL best option for new deployments On 12/13

Re: SSL best option for new deployments

2011-12-13 Thread Baptiste
...@tsmedia.si] Sent: Tuesday, December 13, 2011 5:21 PM To: David Prothero Cc: John Lauro; haproxy@formilux.org Subject: Re: SSL best option for new deployments On 12/13/2011 10:43 PM, David Prothero wrote: I've been using stunnel with the X-Forwarded-For patch. Is stud preferable to stunnel

Re: SSL best option for new deployments

2011-12-13 Thread Vincent Bernat
OoO As night had already covered in ink this day of Tuesday, December 13, 2011, around 23:43, John Lauro john.la...@covenanteyes.com said: Found this with google comparing the two (only a few months old): http://vincent.bernat.im/en/blog/2011-ssl-benchmark.html In summary, performance appears

Re: SSL best option for new deployments

2011-12-13 Thread Vincent Bernat
OoO As night had already covered in ink this day of Tuesday, December 13, 2011, around 23:20, Brane F. Gračnar brane.grac...@tsmedia.si said: It also uses much less memory than stunnel (openssl = 1.x.x). stunnel has also enabled the SSL_MOD_RELEASE_BUFFERS on recent versions (since 4.45). I