On 2013-03-26 19:34, mkanet@yahoo.com wrote:
Wouldn't it be nice to accelerate Stunnel SSL with sslshader? I'm not sure if sslshader will have opensource/multiplatform support. But, the idea sure sounds neat.
I found this project back in 2011. It sounds interesting indeed. It would be nice to implement an OpenSSL engine front-end to their libgpucrypto, so it could be used with stunnel.
Offloading AES or SHA1 is not very practical, as software implementations can already handle over 1Tbps on modern CPUs. I bet stunnel deployments that need to handle over 1Tbps traffic are not very common.
RSA acceleration on the other hand sounds interesting. Although over 10ms GPU latency sounds bad compared to ~2ms CPU latency, the bulk processing throughput of ~20 CPU cores could be useful. On the other hand I'm not sure if this is the most cost-effective solution. It may be cheaper to buy 3 6-core or 8-core CPUs instead.
For comparison stunnel benchmark on a 6-year-old machine: https://www.stunnel.org/perf.html
Mike