If you are doing SSL termination without a hardware crypto accelerator
then the cost of the public key operations for the SSL handshake will
far outweigh the cost of TCP termination and the webserver. With a
typical machine (say a 1 GHz P3) I would estimate you could do 200 SSL
handshakes/sec with apache/modssl (with 95% of your CPU time spent in
OpenSSL RSA code). With a hardware crypto accelerator you could get
up to 600-1000 handshakes/sec but the crypto will still be the
bottleneck.
Roland
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/