At 01:59 AM 10/10/00 -0700, Jeremy wrote:
>Dan Browning wrote:
>>
>> Wow. Thank you so much for the feedback.
>>
>> > First of all, cookie persistent is not solving the problem of
>> > AOL using proxy servers, unless you have SSL termination.
>>
>> Intel has a SSL termination network appliance for $10,000 that does 200 TPS.
>> I could either use this for the front end SSL decoding, or I heard that some
>> HTTP proxies can do that.
>
>You sure about the price of the ssl termination appliance? I am supposed
>to be getting some 7180s
>(http://channel.intel.com/business/products/ecom/7110accel.htm) in this
>week to mess around with. The 7180's do 600 tps SSL and have the SSL
>termination, but they are $20K.. and the only boxes that I know of from
>intel that are 200tps are the low end 7110 SSL accelerators which are
>only about 7K which I happen to have a few I have been tinkering with
>lately, pretty impressive little boxes, lots more functionality than I
>thought. I am looking forward to getting my hands on some 7180s in a few
>days ;)
>
>... snip ...
>
>> > I do not think $30k load balancer has SSL termination built-in.
>> > If they do, check the spec, it probably about 100 transaction/s.
>> > If you think that is all you need for SSL, you could have a
>> > medium size server and do not need load balancer at all :)
>>
>> The Intel E-Commerce Director (taken from iPivot, or something) does in fact
>> have SSL termination built-in. And it's 600 transactions/sec. That's new
>> transactions. It can handle 3000 transactions/sec of established
>> connections.
>
>Ya, I had a meeting with intel a few weeks ago about some of their
>newest SSL accelerators and they JUST released them about 3 weeks ago, I
>think it is the 7185, previously the 7180 was around $40K and when they
>released the 7185 the price of the 7180 dropped to 20K. Anyway, this new
>7180 can do 1200 tps and 6000 established connetions,
I guess Intel may have best price than others. But as far as
TPS goes, I do not see the big differences between the so called
new TPS and established connections, since every SSL packet
will need to be decoded. There will be no HTTPS server behind
the load balancer any more, all the SSL is terminated on the
load balancer. So I do not see they can get 5 times more for
so called established connections. If they can, that is very
impressive number.
Most sites will have about 200TPS if they are getting about one
million page view a day. If using LVS load balance, it can
easily gets to over 1000TPS. 200TPS SSL load on the
HTTPS server will saturate a dual PIII-550 server running
NT4 IIS, or any other web servers. That kind of server is
about $3000 these days. If you have two servers and doing
load balancing between them, you can handle 2 million page
view a day.
With SSL termination on the load balancer, then one
PIII-550 server can handle almost 16 million page views
a day, unless you heavily use CGI code or JSP/ASP.
So the bottleneck is definitely being on the load balancer
again.
Most business can get along with a LVS load balancer
and using regular HTTPS server to handle the SSL
without any problem.
>http://channel.intel.com/business/products/ecom/7185ecom_dir.htm
>
>Jeremy
>
|