You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Sudheer Vinukonda (JIRA)" <ji...@apache.org> on 2014/10/15 23:16:34 UTC

[jira] [Comment Edited] (TS-2503) dynamic TLS record size tuning

    [ https://issues.apache.org/jira/browse/TS-2503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14172955#comment-14172955 ] 

Sudheer Vinukonda edited comment on TS-2503 at 10/15/14 9:15 PM:
-----------------------------------------------------------------

Discussed with the stalwarts on IRC and here's the consensus (quote from [~jacksontj]):

"use small TLS records that fit into a single TCP segment for the first ~1 MB of data, increase record size to 16 KB after that to optimize throughput, and then reset record size back to a single segment after ~1 second of inactivity—lather, rinse, repeat."

The recommendation from [~zwoop], [~jacksontj], [~briang] etc is to use the below values:

smaller TLS record size: MTU/MSS (1500) minus the TCP (20 bytes) and IP (40 bytes) overheads: 1500 - 40 - 20 = 1440 bytes
larger TLS record size: maximum TLS record size which is 16383 (2^14 - 1)



was (Author: sudheerv):
Discussed with the stalwarts on IRC and here's the consensus (quote from [~jacksontj]):

"use small TLS records that fit into a single TCP segment for the first ~1 MB of data, increase record size to 16 KB after that to optimize throughput, and then reset record size back to a single segment after ~1 second of inactivity—lather, rinse, repeat."

The recommendation from [~zwoop], [~jacksontj] [~briang] etc is to use the below values:

smaller TLS record size: MTU/MSS (1500) minus the TCP (20 bytes) and IP (40 bytes) overheads: 1500 - 40 - 20 = 1440 bytes
larger TLS record size: maximum TLS record size which is 16383 (2^14 - 1)


> dynamic TLS record size tuning
> ------------------------------
>
>                 Key: TS-2503
>                 URL: https://issues.apache.org/jira/browse/TS-2503
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: Performance, SSL
>            Reporter: James Peach
>             Fix For: 5.2.0
>
>
> From [~igrigorik] in TS-2365:
> {quote}
> FWIW, I think you may be interested in this discussion:
> - http://mailman.nginx.org/pipermail/nginx-devel/2013-December/004703.html
> - http://mailman.nginx.org/pipermail/nginx-devel/2014-January/004748.html
> In a nutshell, static record size introduces an inherent tradeoff between latency and throughput -- smaller records are good for latency, but hurt server throughput by adding bytes and CPU overhead. It would be great if we could implement a smarter strategy in ATS. The extra benefit is that it's one less knob to tune: the out-of-the-box experience would be better optimized for all ATS users, regardless of mix/type of traffic being proxies.
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)