Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dnsdist: Investigate and document OpenSSL 3.x performance #14994

Open
rgacogne opened this issue Dec 23, 2024 · 0 comments
Open

dnsdist: Investigate and document OpenSSL 3.x performance #14994

rgacogne opened this issue Dec 23, 2024 · 0 comments
Labels
dnsdist docs feature request
Milestone
dnsdist-2.0.0

Comments

@rgacogne
Copy link
Member

  • Program: dnsdist
  • Issue type: Feature request

Short description

The performance regression in OpenSSL 3.x is a very real problem that keeps showing up when DNSdist users upgrade to a more recent version of their distribution of choice. I'm afraid we cannot do anything to fix it, but we might at least be able to fix the pain by documenting it. Moving to GnuTLS is known to help in some cases. The problem is especially visible when a lot of threads / CPU cores are in use.

Related issues:

On the same topic, it would be nice to investigate whether DNSdist can use https://github.com/aws/aws-lc or https://github.com/rustls/rustls-openssl-compat (although I'm not sure the latter would help, since it uses libcrypto internally).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dnsdist docs feature request
Projects
None yet
Milestone
dnsdist-2.0.0
Development

No branches or pull requests
1 participant
@rgacogne