Analysis of the problems many relay operators are currently facing
Roger Dingledine
arma at mit.edu
Thu Apr 22 23:48:21 UTC 2010
On Thu, Apr 22, 2010 at 07:39:10PM -0400, Adam Langley wrote:
> On Thu, Apr 22, 2010 at 6:14 PM, Roger Dingledine <arma at mit.edu> wrote:
> > My intuition is that a huge amount of it was going to openssl buffers.
> > When you have 20k TLS connections open, that's 37k*20k = 740 megs of
> > ram just sitting idle in openssl.
>
> For our frontend machines here where have a patch to OpenSSL which
> reduces the default buffer size. I can dig it up and send it along if
> it would be helpful.
Hi Adam,
Actually Nick got a patch accepted to OpenSSL mainline that dynamically
reduces buffers as they're not needed. See item #2 on
https://www.torproject.org/faq.html.en#RelayMemory
The remaining challenge is that roughly nobody is running OpenSSL
1.0.0-beta5, and roughly nobody knows how to recompile their OpenSSL. :)
(Is your patch better or orthogonal to Nick's? Maybe we should get yours
in too?)
--Roger
More information about the tor-dev
mailing list