Take a look at this url:

http://lbwiki.com/index.php/What_do_I_need_in_SSL_TPS_Performance%3F

I believe we need to satisfy 100Mbps with hardware accelerator hardware
support for OpenSSL utilized. Only THEN, we would be a real world-class
solution. Currently, local-to-local, ├Âur reverse proxy does 20 TPS with the
stress tester.

Regards,

SZ

On Fri, Mar 13, 2009 at 8:02 PM, Fastream Technologies
<ga...@fastream.com>wrote:

> I am still curious whtehr there is a way to increase the timeout for the
> connection handshake--possibly in registry. I won't implement session
> caching because it is not realistic to assume same clients accessing the
> server--you wrote that client and server both must support for session
> caching. I want the worst case scenario. Let's think botnet of 1000 zombie
> IE activeX's attacking our SSL proxy! (BTW, I have seen such attack with
> HTTP on one of my servers. I know it was a botnet because 99% of the traffic
> was from Turkey and Germany where Turkish population concentration is high
> and the logs showed 99.99% GET / 's. Normally the domain was getting 20-30
> hits per hour yet during the attack, it rose to 1200 connections/sec. I knew
> who was behind it but had no proof. Had to pay for an attorney and suddenly
> the attack was over in 6 days! He must have rented the botnet from a
> malicious hacker team.)
> Regards,
>
> SZ
>
>
> On Fri, Mar 13, 2009 at 6:20 PM, Arno Garrels <arno.garr...@gmx.de> wrote:
>
>> Fastream Technologies wrote:
>> > I can see on my Vista x64 the reverse proxy drops SSL connections
>> > with our web stress tester:
>>
>> I can produce plenty of "dropped" entries against the SslWebserver
>> demo as well on both ports. The more clients and threads are setup
>> in the testapp the more refused connections.
>> That's the expected behaviour. Since SSL handshakes are rather
>> expensive there is less load required until the first SSL connection
>> is refused. And the testapp obviously does not support session caching.
>> An option for session caching would be helpful in order to be able to
>> compare.
>>
>> --
>>
>
-- 
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to