[Fedora-directory-users] FDS SSL performance tuning query
Rob Crittenden
rcritten at redhat.com
Tue Aug 7 16:32:54 UTC 2007
Jonathan Barber wrote:
> Hello all, currently we have a FDS instance running on RHEL4 with a
> small number of entries (6,000), we also have a linux compute cluster of
> 100 nodes which uses LDAP for user account data (via libnss_ldap).
SNIP
> [0] http://directory.fedoraproject.org/wiki/Performance_Tuning
> [1] http://www.mozilla.org/projects/security/pki/nss/nss-3.2-performance-results
> [2] server$ ./selfserv -n "Server-Cert" -p 6000
> client$ time ./strsclnt -p 6000 server -c 1000
> strsclnt: -- SSL: Server Certificate Validated.
> strsclnt: 0 cache hits; 1 cache misses, 0 cache not reusable
> strsclnt: 999 cache hits; 1 cache misses, 0 cache not reusable
>
> real 0m0.605s
> user 0m0.795s
> sys 0m0.226s
Your SSL test is probably not representative of the real world. It did
just one full handshake. You may want to look at the -P and -N options
of strsclnt. It may be that each getent is doing a full handshake.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070807/f80a41bf/attachment.bin>
More information about the Fedora-directory-users
mailing list