Re: Linux kernel 2.4 and TCP terminations per second.

Roland Dreier (roland@topspincom.com)
06 Nov 2001 15:43:36 -0800


Imran> I am running openssl with apache using modssl. I will have
Imran> to look at whether could I use openssl with TUX or zeus.

If you are doing SSL termination without a hardware crypto accelerator
then the cost of the public key operations for the SSL handshake will
far outweigh the cost of TCP termination and the webserver. With a
typical machine (say a 1 GHz P3) I would estimate you could do 200 SSL
handshakes/sec with apache/modssl (with 95% of your CPU time spent in
OpenSSL RSA code). With a hardware crypto accelerator you could get
up to 600-1000 handshakes/sec but the crypto will still be the
bottleneck.

Roland

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/