Marti Raudsepp wrote:
>> Disabling OpenSSL compression in the source (which
>> is possible since OpenSSL 1.0.0) does not give me any performance
>> improvement.
> If it doesn't give you any performance improvement then you haven't
> disabled compression. Modern CPUs can easily saturate 1 GbitE with
> AES256-encrypted connections. Compression is usually the bottleneck,
> at 20-30 MB/s.
I finally managed to disable compression, and the performance
improvement is dramatic.
Now I have "only" 100% penalty for using SSL, as seen in this
oprofile report:
samples % image name symbol name
751 50.1670 libcrypto.so.1.0.0 /usr/lib64/libcrypto.so.1.0.0
594 39.6794 postgres hex_encode
83 5.5444 libc-2.12.so memcpy
I'll post to hackers and see if I can get this into core.
Yours,
Laurenz Albe