Re: SSL acceleration for a web farm

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: SSL acceleration for a web farm
From: kwijibo@xxxxxxxxxx
Date: Wed, 17 Aug 2005 15:53:16 -0600
Ryan Leathers wrote:

I have been using LVS for a small farm for a couple of years now.  I am
interested in adding SSL hardware acceleration to my two LVS servers.
It is my goal to maintain performance by offloading the SSL chores, and
reduce the cost of certificate renewal by not applying certificates to
my web servers.
Can anyone offer advice from experience doing the same?  I am using an
LVS-NAT configuration currently and am happy with it.  It has been
suggested that I get a commercial product to do this (Big-IP from F5)
which I am not absolutely opposed to, but if there is a good track
record with adding SSL hardware acceleration to LVS then I will be happy
to stick with what I've been using.

Why are you worrying about offloading it?  I would just buy some boxes
with faster CPU's if speed is a concern.  The time it takes to ship
the data back and forth over the bus to the SSL accelerator your processor
probably could have taken care of it.  Especially if the algorithm uses
all the bell and whistle features todays CPUs have.

<Prev in Thread] Current Thread [Next in Thread>