We are observing a significant overhead for SSL connections. >From our investigation, every SSL connection requires an SSLHandler, which contains 3 buffers: - Two buffers for encrypted inbound and outbound packets, respectively. - One buffer for decrypted application data
The buffer sizes are computed as follows: Packet buffer size = the current size of the largest SSL/TLS packet that is expected when using this session (SSLSession.packetBufferSize()) Application buffer size = 2 x packet buffer size In Sun JSSE the SSLSession.packetBufferSize() equals to 16K, which implies a total of 64K SSL buffer space per connection. For 10K active this means that 640MB of memory is required just for SSL buffers. Such overhead really limits the number of concurrent connections an application can support. Is there any way to reduce this overhead? Or is this a known limitation? Thanks in advance, Michael Scott Peters-3 wrote: > > ... > Our program uses 10-15k connections going at the same time (10 with the > added overhead of SSL). With direct buffers the JVM just used too much > memory.. > ... > -- View this message in context: http://www.nabble.com/Out-of-Memory-issues-with-our-mina-proxy-tf4664266s16868.html#a13616082 Sent from the Apache MINA Support Forum mailing list archive at Nabble.com.
