Hi, In message <_A4118@delegate-en.ML_> on 09/10/08(20:17:55) you Andre <pzyhqbdyi-5bnwhwajcmlr.ml@ml.delegate.org> wrote: |We did some performance measurements with Delegated and Squid in our research group. Our setup builds a chain of 3 SSL |proxies using the CONNECT command of HTTP. We would like to share our findings with you. |Maybe your are able to shed some light on the difference in the connection time. | |As a configuration file we use | |-P1128 |STLS="-fcl" |ADMIN=none |REMITTABLE="*" |RELIABLE="*" |RESCONF=/etc/resolv.conf |RES_WAIT=0 |TLSCONF="-vd,cache:no" Note that disabling the SSL cache with "TLSCONF=cache:no" will reduce the performance, possibly significantly. Also conditional SSL with "STLS=-fcl" (not with "STLS=fcl") might reduce the performance. |We would also like to know whether it is possible to use the BIND command to open a specific port on the SOCKS server |not just for one client connection, but for multiple client connections. Is it possible with other implementations of a SOCKS server? Since the tcp connection established by the BIND command on the SOCKS protocol becomes a transparent connection with the remote peer after the ACCEPT command, there is no chance to reuse it for another ACCEPT. |If this is not originally intended, might |this possibly a future feature? It needs to extend the specification of SOCKS protocol. This was one of the reasons I made the "VSAP" protocol to realize such functionality ten years ago. <URL:http://www.delegate.org/delegate/vsap/> (in Japanese) <URL:http://www.delegate.org/delegate/Manual.htm#VSAP> Cheers, Yutaka -- 9 9 Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/ ( ~ ) National Institute of Advanced Industrial Science and Technology _< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan Do the more with the less -- B. Fuller