On 12/14/22 06:07, Willy Tarreau wrote: > By the way, are you running with OpenSSL > 3.0 ? That one is absolutely terrible and makes extreme abuse of > mutexes and locks, to the point that certain workloads were divided > by 2-digit numbers between 1.1.1 and 3.0. It took me one day to > figure that my load generator which was caping at 400 conn/s was in > fact suffering from an accidental build using 3.0 while in 1.1.1 > the perf went back to 75000/s!
Is this a current problem with the latest openssl built from source? I'm running my 2.7.x installs with quictls 3.0.7, which aside from the QUIC support should be the same as openssl.
400 connections per second is a lot more than I need, but if it's that inefficient, seems like overall system performance would take a hit even if it's not completely saturated. My primary server has dual E5-2697 v2 CPUs, but my mail server is a 2-CPU AWS instance.
Should I switch to quictls 1.1.1 instead? Thanks, Shawn
