Horms wrote:
>
> On Thu, Oct 05, 2000 at 08:52:49AM -0700, Wayne wrote:
> > LVS as is does not have the problem. Since
> > LVS is based on <sip,sport; vip,vport; rip, rport>
> > which is not change between HTTP and HTTPS
> > requests, so it works fine. However, any other
> > ones, like Cisco or Arrowpoint, unless they add
> > SSL terminator (which is not cheap and is not
> > very effecient), will not be able to take the
> > advantage of cookie persistent.
> >
> > F5 sales a version with SSL termination with
> > ADDITIONAL $6000 charge and only can
> > handle up to 120 transaction/s, based on their
> > SSL terminator supplier (Rainbow Technology).
> > At the mean time, LVS can handle 100,000
> > transactions/s, by sharing the load on many
> > HTTPS servers.
>
> I havn't had much experience with SSL accelerators,
> but for a $6000 price tag, given the litte I know
> you should be able to get an accelerator that can do
> several 1000 connections/s. That is asside from
> weather or not you want to go down that path.
>
> John Casu: Do you have anything to add to this?
>
The CryptoSwift cards from Rainbow offer between
200 and 600 rsa1024 signs/sec, depending on the
model. The list price for these cards is between
$6000 and $12000, again depending on the model.
Volume pricing will obviously be more aggressive.
On a 500Mhz Pentium III processor, you can do 80 signs/sec
in software (that's openSSL with hand optimized assembler,
but no MMX/SSI instructions).
john c.
--
"But I don't feel afraid.
As long as I gaze on Waterloo Sunset,
I am in paradise." -- Waterloo Sunset, The Kinks
|