Hi Jeff, both ab and JMETER is using keep alive. I am using SSL session cache in the config as - SSLSessionCache "shmcb:/path to logs/ssl_scache(512000)" > Even if so, it is worth using mod_ssl tracing to confirm that the > combination of client/server behavior results in a reasonably high > session cache utilization. Please let me know how can i trace mod_ssl to confirm session cache utilization. On Wed, Apr 6, 2011 at 10:32 AM, Jeff Trawick <trawick@xxxxxxxxx> wrote: > On Thu, Mar 31, 2011 at 7:56 AM, Mark Montague <mark@xxxxxxxxxxx> wrote: >> On March 30, 2011 19:44 , Ishita Kapadiya <ishimegh@xxxxxxxxx> wrote: >>> >>> Hi Mark, >>> >>> Thanks for your suggestion. I tried below settings in httpd.conf - >>> >>> <IfModule ssl_module> >>> #SSLRandomSeed startup builtin >>> #SSLRandomSeed connect builtin >>> SSLRandomSeed startup file:/dev/urandom 1024 >>> SSLRandomSeed connect file:/dev/urandom 1024 >>> </IfModule> >>> >>> the commented line was there when I initially posted my query and now >>> I changed it with mentioned lines. But still got the same result. >>> Even i tried with /dev/random option but that option didn't work at >>> all (may be not supported with my OS config) >>> Could you or anyone please help me to resolve this problem. I want to >>> resolve it. I tried to google it but couldn't find any solution. >>> Any help will be great. >> >> I had to scale things back a bit in the VM guest that I use for development, >> but here is what I'm seeing: >> >> ab -n 10000 -c 10 http://f14dev1.catseye.org/index.html >> Time taken for tests: 2.579 seconds >> >> ab -n 10000 -c 10 https://f14dev1.catseye.org/index.html >> Time taken for tests: 197.999 seconds >> >> This is a ratio ( time for HTTPS / time for HTTP ) of 76.77. In your >> original message, you had a ratio of 62.74. >> >> >> The following Q&A observes the same thing, and it includes a number of >> explanations: >> >> http://serverfault.com/questions/43692/how-much-of-a-performance-hit-for-https-vs-http-for-apache >> >> >> In other words, there is likely not anything wrong with your configuration. >> >> >> A final note: the performance difference does seem to center around the TLS >> session negotiation rather than encryption. If I enable keepalive for my >> benchmark, the time for HTTP decreases from 2.575 seconds to 1.437 seconds; >> but the time for HTTPS drops from 197.999 seconds to 4.237 seconds (yes, 193 >> seconds quicker simply by reusing connections!) > > Whether using keepalive or not, you need a client that can reuse SSL > sessions to better simulate real-world traffic (and of course perform > reasonably). > > Does anyone know if either of the tools mentioned in this thread (ab, > JMeter) do that, or do that when invoked/configured in a certain way? > > Next, mod_ssl needs to be caching sessions properly. > Is an SSL session cache enabled? > Even if so, it is worth using mod_ssl tracing to confirm that the > combination of client/server behavior results in a reasonably high > session cache utilization. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|