Optimizing TLS Record Size & Buffering Latency
rob.stradling at comodo.com
Tue Oct 29 21:44:46 UTC 2013
"The larger the TLS record size, the higher the likelihood that we may
incur an additional roundtrip due to a TCP retransmission or "overflow"
of the congestion window. That said, the fix is also relatively simple:
send smaller records. In fact, to eliminate this problem entirely,
configure your TLS record size to fit into a single TCP segment.
The bad news is that many TLS servers do not provide an easy way to
configure TLS record size and instead use the default maximum of 16 KB.
Nginx hardcodes 16KB size in ngx_event_openssl, which you can change and
recompile from source."
Would it be worth lowering this default value?
How about adding a config directive that allows users to change it
without having to edit the source code?
Senior Research & Development Scientist
COMODO - Creating Trust Online
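The sizing rule in the quoted passage, worked through as an added example (not part of the original post and not nginx code). The path values (1500-byte MTU, IPv4, TCP with the 12-byte timestamps option) and the two cipher-suite overheads are assumptions chosen for illustration.

```c
#include <stdio.h>

#define TLS_HDR 5  /* record header: type(1) + version(2) + length(2) */

struct path  { int mtu, ip_hdr, tcp_hdr; };             /* tcp_hdr includes options */
struct suite { const char *name; int iv, mac, block; }; /* block == 0: AEAD */

/* Constructed sample values: Ethernet MTU, IPv4, TCP with timestamps option. */
const struct path  ETH_V4_TS = { 1500, 20, 20 + 12 };
const struct suite AES_GCM   = { "AES-GCM (TLS 1.2)", 8, 16, 0 };
const struct suite AES_CBC   = { "AES-128-CBC-SHA (TLS 1.1+)", 16, 20, 16 };

/* TCP payload bytes that fit in one segment on this path. */
int segment_payload(struct path p) { return p.mtu - p.ip_hdr - p.tcp_hdr; }

/* On-the-wire size of one record carrying pt plaintext bytes. */
int record_size(struct suite s, int pt)
{
    int body = pt + s.mac;
    if (s.block)                       /* CBC: at least 1 padding byte */
        body = (body + 1 + s.block - 1) / s.block * s.block;
    return TLS_HDR + s.iv + body;
}

/* Largest plaintext whose whole record fits in room bytes. */
int max_plaintext(struct suite s, int room)
{
    int body = room - TLS_HDR - s.iv;
    if (s.block)                       /* whole blocks only, minus 1 pad byte */
        body = body / s.block * s.block - 1;
    return body > s.mac ? body - s.mac : 0;
}

/* Segments the receiver must collect before it can verify the record. */
int segments_for(struct suite s, int pt, int room)
{
    return (record_size(s, pt) + room - 1) / room;
}

int main(void)
{
    int room = segment_payload(ETH_V4_TS);
    const struct suite *all[] = { &AES_GCM, &AES_CBC };
    for (int i = 0; i < 2; i++)
        printf("%-28s fits %4d bytes/segment; a 16384-byte record spans %d segments\n",
               all[i]->name, max_plaintext(*all[i], room),
               segments_for(*all[i], 16384, room));
    return 0;
}
```

A record is only authenticated and released to the application once all of its bytes have arrived, so the 16 KB default ties the first byte of a response to the delivery of every segment the record spans.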