|
From: Robert P. <rpa...@fe...> - 2018-04-04 09:44:31
|
Hi, > On Apr 4, 2018, at 02:12, Osama Elnaggar <oel...@gm...> wrote: I think wrk is the best tool for now. ModSecurity is (and has been) a cpu-bounded workload. Benchmarks and profiling should focus on things like hot code path analysis, cache coherency, etc. unit/integration tests might make better use of more complex HTTP test harnesses, but I think in this case we can pretty much just throw a bunch of traffic in and burn the processor. Frankly, even with the 3.0.1 improvements, the performance deltas in nginx are discouraging to see. Tomorrow I will be doing some profiling of the sample C application to see how it compares, but at the moment I can't imagine that a provider at any meaningful scale would be okay deploying a WAF that can do at most a few thousand RPS with only a minimal ruleset. @Andrei do you have any comments about the specific numbers (RPS and latency) that have been noted here, and that your repo seems to corroborate? |
