New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added documentation for SSL performance improvements #239
Conversation
c114667
to
f519fff
Compare
@@ -87,4 +87,23 @@ ClientConfig clientConfig = new ClientConfig(); | |||
clientConfig.getNetworkConfig().addAddress("127.0.0.1"); | |||
``` | |||
|
|||
![image](images/NoteSmall.jpg) ***NOTE:*** *When you use SSL with the Java client, it will have a throughput that is 50% of a non-SSL Java client with the same configuration. If it is a .NET client, it will have a throughput that is 46% of a non-SSL .NET client.* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have removed this section since I don't know how valid these numbers are. Also with 3.8 a lot of things have changed + with the right changes there is some additional performance to gain on the JVM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay.
f519fff
to
20a0082
Compare
the generation of random numbers. /dev/random relies on entropy to be able to generate random numbers. However if this entropy is | ||
insufficient to keep up with the rate requiring random numbers, it can slow down encryption/decryption. This can easily be fixed | ||
by adding the following system property `-Djava.security.egd=file:/dev/./urandom`. For a more permanent solution modify | ||
`<JAVA_HOME>/jre/lib/security/java.security` file; look for the `securerandom.source=/dev/urandom` and change it |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is a dangerous recommendation w/o informing about security implications.
the /dev/random
device is used for a reason.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
http://www.2uo.de/myths-about-urandom/
Even in Oracle Weblogic they don't decline urandom.
https://docs.oracle.com/cd/E13209_01/wlcp/wlss30/configwlss/jvmrand.html
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok. I assume you know what you are doing.
No description provided.