Re: [openssl-users] DTLS in multi-thread and concurrent connection acceptance environment

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Re: [openssl-users] DTLS in multi-thread and concurrent connection acceptance environment

Angus Robertson - Magenta Systems Ltd
> I don't know if anyone has ever created any metrics on how far it
> can be scaled. I've certainly not seen it if they have. But there
> are no knownlimitations on this approach (this is the intended
> way to do things).

Our Delphi OpenSSL implementation on Windows mostly uses a single
thread and event driven code, although Windows itself uses a thread per
connection. But we don't support DTLS.  

I did some testing last year with simple SSL TCP/IP client and server
on Windows 10, and had 2,000 simultaneous SSL sessions running on the
same PC, always thought client versions of Windows supported far fewer
sessions.

The main limitation during testing with a single thread was the set-up
time for SSL, there is a limit of how many new sessions can be started
per second.  My test was starting 100 sessions per second, and about
20% failed initially, but succeeded later on retries.

I used my own applications for testing, ComCap5 and ComGen5 from
https://www.magsys.co.uk/comcap/ 

ComGen is a TCP/UDP session data generator, configurable for multiple
IPs and ports, and volume of sessions.  

Angus
 

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev