varnish with ssl

Michael Fischer michael at dynamine.net
Thu Apr 8 19:39:48 CEST 2010


On Thu, Apr 8, 2010 at 10:37 AM, Ken Brownfield <kb+varnish at slide.com> wrote:

> On Apr 7, 2010, at 5:20 PM, Michael Fischer wrote:
>>> The single-process model as regards scalability is a red herring.
>>
>> It matters a lot with SSL.  The handshaking process is very
>> CPU-intensive.  You really want something that's SMP-scalable.
>
> Run one single-process model process for each core in your machine.  You also get the rather academic bonus of less context-switching and less cache thrash (assuming a decent scheduler and affinity).  This is also how you would leverage multiple machines.

I don't disagree with you.  But stunnel doesn't do that.

--Michael



More information about the varnish-misc mailing list