[erlang-questions] SSL memory consumption

Kaiduan Xie <>
Thu Dec 30 06:32:20 CET 2010

After tried two different ways to call ssl:transport_accept and
ssl:ssl_accept, the following observation was found,

1. Calls ssl:transport_accept and ssl:ssl_accept in a server loop, and
for each SSL connection, starts a gen_fsm to receive data. The code is
listed as below,

loop3(LSock) ->
    {ok, Socket} = ssl:transport_accept(LSock),
    ok = ssl:ssl_accept(Socket),
    {ok, {PeerAddr, PeerPort}} = ssl:peername(Socket),
    io:format("Accepted peer:~p:~p:~p:~p~n", [self(),PeerAddr, PeerPort, I]),
    {ok, Pid} = gen_fsm:start(erlsip_transport_tls_connection,
{Socket, PeerAddr, PeerPort}, []),
    ssl:controlling_process(Socket, Pid),

2. Calls ssl:transport_accept, and ssl:ssl_accept in a gen_fsm. Upon a
SSL connection is accepted, starts another gen_fsm to accept new SSL
connection. The code is listed as below.

init({server, LSocket, Parent}) ->
    {ok, wait_for_connection, #state{lsocket = LSocket,
                                     parent = Parent}, 0};
wait_for_connection(timeout, State) ->
    io:format("Waiting for TLS connection ... ~p/~p~n", [self(), State#state.par
    {ok, Socket} = ssl:transport_accept(State#state.lsocket),
    ok = ssl:ssl_accept(Socket),
                 {server, State#state.lsocket, State#state.parent},
    {ok, {PeerAddr, PeerPort}} = ssl:peername(Socket),
    io:format("Accepted peer:~p/~p:~p~n", [self(), PeerAddr, PeerPort]),
    {next_state, wait_for_crlf_crlf, State#state{socket = Socket,
                   peer_address = PeerAddr, peer_port = PeerPort}}.

Memory consumption per connection in the second way is about 120 K
with R14B01 while a connection takes about 30 K in first way.

I am very happy with the result, but can someone explain the difference?


On Thu, Dec 23, 2010 at 9:31 PM, Kaiduan Xie <> wrote:
> I just replaced R14A with R14B01, each SSL connection consumes about
> 120 K memory, 50K less than that of R14A.
> Thank Tony, Jesper for the help, can we reduce more?
> /Kaiduan
> On Thu, Dec 23, 2010 at 8:38 PM, Jesper Louis Andersen
> <> wrote:
>> On Fri, Dec 24, 2010 at 02:33, Kaiduan Xie <> wrote:
>>> What do you mean the old ssl and new ssl, Tony?
>> SSL was replaced recently with a new implementation and you have the
>> 'new' version here if you are on R14b
>> --
>> J.

More information about the erlang-questions mailing list