How to Benchmark SSL on Apache based servers?

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C26593.5CF3E1C0
Content-Type: text/plain


Hi,

Is it possible to benchmark the server load with mod_ssl enabled on Apache?

Is there particular software that can do this?

Thanks,
Rob

------_=_NextPart_001_01C26593.5CF3E1C0
Content-Type: text/html

Hi,

Is it possible to benchmark the server load with mod_ssl enabled on Apache?

Is there particular software that can do this?

Thanks,

Rob

Re: How to Benchmark SSL on Apache based servers?

Robert Lagana wrote:
>
> Hi,
>
> Is it possible to benchmark the server load with mod_ssl enabled on Apache?
>
> Is there particular software that can do this?
>

In perl, you could do this by scripting a quick benchmark
with LWP & Crypt::SSLeay libraries. ( LWP loads Crypt::SSLeay
on the backend for https URLs )

Here's a crude command that will set 2 web clients hitting
your SSL server at the same time:

]$ perl -MLWP::Simple -MBenchmark -e 'fork; timethis(25, sub { get(qq(https://localhost/)); }); wait;'
timethis 25: 11 wallclock secs ( 2.78 usr + 0.07 sys = 2.85 CPU) @ 8.77/s (n=25)
timethis 25: 11 wallclock secs ( 3.03 usr + 0.07 sys = 3.10 CPU) @ 8.06/s (n=25)

The timethis() stats aren't really relevant in this case, but
it gave 50 requests done in 11 seconds. Obviously, since the
client was running on the same machine as the server, the servers
real performance would be quite different by itself.

Regards,

Josh
____________________________________________________________ ____
Josh Chamas, Founder phone:925-552-0128
Chamas Enterprises Inc. http://www.chamas.com
NodeWorks Link Checking http://www.nodeworks.com
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: How to Benchmark SSL on Apache based servers?

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C26657.340C3B80
Content-Type: text/plain

Thanks !

-----Original Message-----
From: Josh Chamas [mailto:josh@chamas.com]
Sent: Friday, September 27, 2002 1:28 PM
To: modssl-users@modssl.org
Subject: Re: How to Benchmark SSL on Apache based servers?


Robert Lagana wrote:
>
> Hi,
>
> Is it possible to benchmark the server load with mod_ssl enabled on
Apache?
>
> Is there particular software that can do this?
>

In perl, you could do this by scripting a quick benchmark
with LWP & Crypt::SSLeay libraries. ( LWP loads Crypt::SSLeay
on the backend for https URLs )

Here's a crude command that will set 2 web clients hitting
your SSL server at the same time:

]$ perl -MLWP::Simple -MBenchmark -e 'fork; timethis(25, sub {
get(qq(https://localhost/)); }); wait;'
timethis 25: 11 wallclock secs ( 2.78 usr + 0.07 sys = 2.85 CPU) @ 8.77/s
(n=25)
timethis 25: 11 wallclock secs ( 3.03 usr + 0.07 sys = 3.10 CPU) @ 8.06/s
(n=25)

The timethis() stats aren't really relevant in this case, but
it gave 50 requests done in 11 seconds. Obviously, since the
client was running on the same machine as the server, the servers
real performance would be quite different by itself.

Regards,

Josh
____________________________________________________________ ____
Josh Chamas, Founder phone:925-552-0128
Chamas Enterprises Inc. http://www.chamas.com
NodeWorks Link Checking http://www.nodeworks.com
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

------_=_NextPart_001_01C26657.340C3B80
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable




charset=3DUS-ASCII">
5.5.2653.12">

Thanks !

-----Original Message-----

From: Josh Chamas [ HREF=3D"mailto:josh@chamas.com">mailto:josh@chamas.com]

Sent: Friday, September 27, 2002 1:28 PM

To: modssl-users@modssl.org

Subject: Re: How to Benchmark SSL on Apache based =
servers?

Robert Lagana wrote:

>

> Hi,

>

> Is it possible to benchmark the server load =
with mod_ssl enabled on Apache?

>

> Is there particular software that can do =
this?

>

In perl, you could do this by scripting a quick =
benchmark

with LWP & Crypt::SSLeay libraries. ( LWP loads =
Crypt::SSLeay

on the backend for https URLs )

Here's a crude command that will set 2 web clients =
hitting

your SSL server at the same time:

]$ perl -MLWP::Simple -MBenchmark -e 'fork; =
timethis(25, sub { get(qq( TARGET=3D"_blank">https://localhost/)); }); wait;'

timethis 25: 11 wallclock secs ( 2.78 usr +  =
0.07 sys =3D  2.85 CPU) @  8.77/s (n=3D25)

timethis 25: 11 wallclock secs ( 3.03 usr +  =
0.07 sys =3D  3.10 CPU) @  8.06/s (n=3D25)

The timethis() stats aren't really relevant in this =
case, but

it gave 50 requests done in 11 seconds.  =
Obviously, since the

client was running on the same machine as the =
server, the servers

real performance would be quite different by =
itself.

Regards,

Josh

SIZE=3D2>___________________________________________________ ____________=
_

Josh Chamas, =
Founder           =
;        phone:925-552-0128

Chamas Enterprises =
Inc.           &n=
bsp;    TARGET=3D"_blank">http://www.chamas.com

NodeWorks Link =
Checking          &nbs=
p;     TARGET=3D"_blank">http://www.nodeworks.com

SIZE=3D2>___________________________________________________ ____________=
_______

Apache Interface to OpenSSL =
(mod_ssl)          &nb=
sp;        www.modssl.org

User Support Mailing =
List           &n=
bsp;          =
modssl-users@modssl.org

Automated List =
Manager           =
;            =
;     majordomo@modssl.org

Re: How to Benchmark SSL on Apache based servers?

Hey there,

On Fri, 27 Sep 2002, Josh Chamas wrote:

> Robert Lagana wrote:
> >
> > Hi,
> >
> > Is it possible to benchmark the server load with mod_ssl enabled on Apache?
> >
> > Is there particular software that can do this?
> >
>
> In perl, you could do this by scripting a quick benchmark
> with LWP & Crypt::SSLeay libraries. ( LWP loads Crypt::SSLeay
> on the backend for https URLs )
>
> Here's a crude command that will set 2 web clients hitting
> your SSL server at the same time:
>
> ]$ perl -MLWP::Simple -MBenchmark -e 'fork; timethis(25, sub { get(qq(https://localhost/)); }); wait;'
> timethis 25: 11 wallclock secs ( 2.78 usr + 0.07 sys = 2.85 CPU) @ 8.77/s (n=25)
> timethis 25: 11 wallclock secs ( 3.03 usr + 0.07 sys = 3.10 CPU) @ 8.06/s (n=25)
>
> The timethis() stats aren't really relevant in this case, but
> it gave 50 requests done in 11 seconds. Obviously, since the
> client was running on the same machine as the server, the servers
> real performance would be quite different by itself.

heh :-)

There is another solution out there (shameless plug);
http://www.geoffthorpe.net/crypto/swamp/

This will also let you mess around with combinations of session resume
(attempts) from the client requests - something important if you're trying
to simulate more or less the profile of traffic you expect a server to be
hit with in real life. Hitting it with nothing but a barrage of SSL/TLS
session negotiations is doing little more than determining what it would
take to DoS your server, which is perhaps not the only information you're
looking for.

BTW: The README may be useful even if you don't want to use swamp - it's
online at;
http://www.geoffthorpe.net/crypto/swamp/swamp-1.1.0/README

Cheers,
Geoff

--
Geoff Thorpe
geoff@geoffthorpe.net


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org