[openssl-dev] [openssl-users] DTLS in multi-thread and concurrent connection acceptance environment

Angus Robertson - Magenta Systems Ltd angus at magsys.co.uk
Tue Nov 28 14:46:00 UTC 2017


> I don't know if anyone has ever created any metrics on how far it 
> can be scaled. I've certainly not seen it if they have. But there
> are no known limitations on this approach (this is the intended
> way to do things).

Our Delphi OpenSSL implementation on Windows mostly uses a single
thread and event driven code, although Windows itself uses a thread per
connection. But we don't support DTLS.  

I did some testing last year with simple SSL TCP/IP client and server
on Windows 10, and had 2,000 simultaneous SSL sessions running on the
same PC; I always thought client versions of Windows supported far fewer
sessions.

The main limitation during testing with a single thread was the set-up
time for SSL; there is a limit on how many new sessions can be started
per second.  My test was starting 100 sessions per second, and about
20% failed initially, but succeeded later on retries.

I used my own applications for testing, ComCap5 and ComGen5 from
https://www.magsys.co.uk/comcap/ 

ComGen is a TCP/UDP session data generator, configurable for multiple
IPs and ports, and volume of sessions.  

Angus
  


