[openssl-users] OpenSSL Behaviour under low bandwidth

[Martin Beynon]

Hi all,

I have discovered some strange behaviour with OpenSSL under low bandwidth
conditions.

I've found that with the bandwidth < about 150 kpbs that the throughput
drops heavily and doesn't appear to be anywhere near the available
bandwidth, spending a lot of time doing nothing.

I've tested various bandwidth conditions and all seems work as expected
until the bandwidth available drops below around 150 kpbs and it becomes
unusable at 56 kbps. However if we slow the rate at which data is passed to
OpenSSL to about the output bandwidth it continues to operate as expected -
smoothly, giving the throughput expected.

I've tested with s_client between my PC and an AWS EC2 instance. I've also
tried using s_tunnel and nmap/ncat. The results appear the same. Using
wireshark I see a lot of TCP retransmissions.

At first I thought it was a problem with s_client, but after some
investigation it looks more like the issue is within the OpenSSL lib itself.

Any ideas what could be going wrong? Should we expect OpenSSL to work under
low bandwidth conditions?

Just to note; I've not tested with the latest 1.0.2 versions of
OpenSSL...yet. Should I expect any different behaviour?


Thanks in advance,

Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150515/42571e73/attachment.html>