[RFC] event/openssl: Add dynamic record size support for serving ssl trafic

W-Mark Kubacki wmark+nginx at hurrikane.de
Wed May 27 16:43:01 UTC 2015


2015-05-05 15:39 GMT+02:00 chen <gzchenym at 126.com>:
>
> This is v1 of the patchset the implementing the feature SSL Dynamic Record
> Sizing, inspiring by Google Front End […]
>
> Any comments is welcome.

Nice! I've implemented that for Golang in the past and have ported it
to C for you today.

Although a single initial packet might seem more attractive in
benchmarks, I found that sending two results in better catching parts
of HEAD — which is what we want. Then you will notice some dancing
around IW4, by which we've already sent about 5683 octets. Enough for
me for a making a tradeoff here.

16k as ssl->buffer_size results in partially filled packets. A better
default value could minimize the overhead (<0.5%) for that trailing
PDUs.

SSL libraries really should provide a function for computing overhead.

-- 
Mark
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx-1.9.1-SSL-dynamic-record-size-redux.patch
Type: application/octet-stream
Size: 7441 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20150527/c6b5e900/attachment.obj>


More information about the nginx-devel mailing list