SSL Memory Usage and Fragmentation
Igor Sysoev
is at rambler-co.ru
Wed Dec 26 23:21:20 MSK 2007
On Wed, Dec 26, 2007 at 01:49:52PM -0500, Ben Maurer wrote:
> Hi,
>
> Igor Sysoev wrote:
> >On Wed, Dec 26, 2007 at 12:34:39PM -0500, Ben Maurer wrote:
> >>It seems like it might be worth switching to something like the shared
> >>memory cache by default. Keeping the long-lived session cache in a
> >>different pool of memory avoids the risk of large amounts of memory
> >>getting pinned in.
> >
> >Well, I will make shared session cache by default. It seems it's quite
> >stable. Other possible drawback of builtin cache as I think: it uses
> >a hash to store sessions and cache cleaning may take a long time.
>
> It might be worth having an option to disable the cache completely --
> right now all you can do is have a very small builtin cache. I have a
> configuration where caching is pretty rare (in most cases, we only serve
> 2 http requests to a user over a single keepalive connection).
Well, I have added
ssl_session_cache off;
and made it by default, as Apache mod_ssl does.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list