[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Analysis of the problems many relay operators are currently facing



On Thu, Apr 22, 2010 at 07:39:10PM -0400, Adam Langley wrote:
> On Thu, Apr 22, 2010 at 6:14 PM, Roger Dingledine <arma@xxxxxxx> wrote:
> > My intuition is that a huge amount of it was going to openssl buffers.
> > When you have 20k TLS connections open, that's 37k*20k = 740 megs of
> > ram just sitting idle in openssl.
> 
> For our frontend machines here where have a patch to OpenSSL which
> reduces the default buffer size. I can dig it up and send it along if
> it would be helpful.

Hi Adam,

Actually Nick got a patch accepted to OpenSSL mainline that dynamically
reduces buffers as they're not needed. See item #2 on
https://www.torproject.org/faq.html.en#RelayMemory

The remaining challenge is that roughly nobody is running OpenSSL
1.0.0-beta5, and roughly nobody knows how to recompile their OpenSSL. :)

(Is your patch better or orthogonal to Nick's? Maybe we should get yours
in too?)

--Roger