We use SSL connections (LDAPS) almost exclusively and have easily handled over 7000 SSL connections per minute without extensive tuning of FDS. That particular server is a RHEL4 box running an AMD Opteron with 4GB of RAM. Even a crusty old PIII (1.2Ghz) running RHEL3 has handled over 1000 SSL connections per minute from a high-performance cluster, though I suspect that the upper limit of that system isn't too far above that number and we are moving beyond it to another 64-bit system. Our experience has shown start_tls to be noticeably slower than straight ssl; slow enough that the difference is noticeable to people and not just to measurements. I would recommend going with straight SSL and not messing around with start_tls. If your connections are limited at 1600/minute I wonder if you aren't perhaps hitting a limitation elsewhere in your system as our experience seems to indicate that FDS can handle the load you are throwing at it. David -- David Bogen :: (608) 263-0168 Unix SysAdmin :: IceCube Project david.bogen@xxxxxxxxxxxxxxxx -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
