what is the approx memory overhead for a SSL connection in node.js

Problem

I am using node version v0.8.16. It bundles with openssl 1.0.0f and contains SSL_OP_NO_COMPRESSION and SSL_MODE_RELEASE_BUFFERS.

My test ssl server just echoes back hello world upon incoming https request and keep the connection open. From my test, the memory overhead per ssl connection is around 150k.

What is the approximate memory overhead for ssl connections in node ? how can I reduce ssl memory usage in this case ?

Problem courtesy of: haijin

Solution

SSL needs per-connection space for:

  • the socket FD
  • about 16k for a receive buffer for the maximum possible SSL record, which varies slightly with the cipher suite
  • an output buffer, probably also about 16k
  • space to compute per-message MACs in
  • handshake status, connection status, handshake MAC, etc.
  • a pointer to the SSL session, which is shareable among connections to the same target, and which must contain the cipher suite, protocol, premaster secret, shared secret, session ID, peer certificate chain, timeout variables, ...
  • whatever else I haven't thought of.

In addition the TCP connection will consume kernel space, e.g. for the socket send and receive buffers.

Solution courtesy of: EJP

Discussion

SSL needs about 128K or even more (depending on implementation) per connection for memory buffers so you probably won't be able to reduce amount of memory used.

Discussion courtesy of: Eugene Mayevski 'Allied Bits

This recipe can be found in it's original form on Stack Over Flow.