Closed JiangHai2011 closed 1 month ago
TLS is known to be greedy in memory, depending also on the encryption algorithm negotiated. Also, kamailio does many times speed optimisations at the expense of some memory (e.g., static buffers or allocated at startup to avoid often alloc/dealoc at runtime).
If you think there is room for improvement here, on this particular case, feel free to make a PR and if the results are good overall, then it will be merged.
This issue is stale because it has been open 6 weeks with no activity. Remove stale label or comment or this will be closed in 2 weeks.
Description
a tls connection uses 52104 bytes. Among these memory, tcp_connection structure use 776 bytes and tcp_rd_buf use 6000 bytes, and the left part (45328 bytes) are all about SSL session with crypto.
Expected behavior
kamailio does some optimization for self defined BIO_TYPE_SOURCE_SINK bio type, to save more memory
Actual observed behavior
among this 45328 bytes, the biggest parts are BIO read buffer(16KB) and BIO write buffer(16KB). currently kamailio uses BIO_TYPE_SOURCE_SINK type bio, which needs kamailio manage the buffer by itself (there is no optimization). While nginx uses BIO_TYPE_MEM type bio, which is a openssl's internal bio type with memory optimization. As a result, nginx use less memory to accept more TLS connections than kamailio
Debugging Data
None
Log Messages
SIP Traffic
None
Possible Solutions
None
Additional Information