Hi,

In message <_A4118@delegate-en.ML_> on 09/10/08(20:17:55)
you Andre <pzyhqbdyi-jfjnzgirqznr.ml@ml.delegate.org> wrote:
 |We did some performance measurements with Delegated and Squid in our research group. Our setup builds a chain of 3 SSL
 |proxies using the CONNECT command of HTTP. We would like to share our findings with you.
 |Maybe your are able to shed some light on the difference in the connection time.
 |
 |As a configuration file we use
 |
 |-P1128
 |STLS="-fcl"
 |ADMIN=none
 |REMITTABLE="*"
 |RELIABLE="*"
 |RESCONF=/etc/resolv.conf
 |RES_WAIT=0
 |TLSCONF="-vd,cache:no"

Note that disabling the SSL cache with "TLSCONF=cache:no" will reduce
the performance, possibly significantly.
Also conditional SSL with "STLS=-fcl" (not with "STLS=fcl") might
reduce the performance.

 |We would also like to know whether it is possible to use the BIND command to open a specific port on the SOCKS server
 |not just for one client connection, but for multiple client connections.

Is it possible with other implementations of a SOCKS server?
Since the tcp connection established by the BIND command on the SOCKS
protocol becomes a transparent connection with the remote peer after
the ACCEPT command, there is no chance to reuse it for another ACCEPT.

 |If this is not originally intended, might
 |this possibly a future feature?

It needs to extend the specification of SOCKS protocol.
This was one of the reasons I made the "VSAP" protocol to realize such
functionality ten years ago.
<URL:http://www.delegate.org/delegate/vsap/> (in Japanese)
<URL:http://www.delegate.org/delegate/Manual.htm#VSAP>

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller