Analysis of the problems many relay operators are currently facing

Roger Dingledine arma at
Thu Apr 22 23:48:21 UTC 2010

On Thu, Apr 22, 2010 at 07:39:10PM -0400, Adam Langley wrote:
> On Thu, Apr 22, 2010 at 6:14 PM, Roger Dingledine <arma at> wrote:
> > My intuition is that a huge amount of it was going to openssl buffers.
> > When you have 20k TLS connections open, that's 37k*20k = 740 megs of
> > ram just sitting idle in openssl.
> For our frontend machines here where have a patch to OpenSSL which
> reduces the default buffer size. I can dig it up and send it along if
> it would be helpful.

Hi Adam,

Actually Nick got a patch accepted to OpenSSL mainline that dynamically
reduces buffers as they're not needed. See item #2 on

The remaining challenge is that roughly nobody is running OpenSSL
1.0.0-beta5, and roughly nobody knows how to recompile their OpenSSL. :)

(Is your patch better or orthogonal to Nick's? Maybe we should get yours
in too?)


More information about the tor-dev mailing list