Hi Maxim,
>>> It only can be useful for proxying big amounts of data without any >>> processing. But if you need compression, or TLS, or SSI, or even some >>> simple substitution, then splice() cannot be used. >>> >> It should fit in our stream quite nicely. > > Not really, as stream is able to do SSL encoding and decoding. We also have sendfile() in nginx despite the fact that it can't be used in every single occasion, such as TLS sessions or when gzipping. I am aware that sendfile() is extremely useful in some configurations, I'm just saying the fact that it isn't able to work with TLS wasn't showstopper for it, so at the very least it shouldn't be the only showstopper for splice(). splice() would do something similar than sendfile(). HAProxy doesn't always splice() either, but when it makes sense [1]. Regarding TLS: There are some efforts in both linux [2] and FreeBSD [3] to implement TLS in-kernel; leveraging kernel features like sendfile() while sending it through a in-kernel crypto stack. I'm not saying splice() is a must-have; I certainly don't need it personally, but there are use-cases out there. Regards, Lukas [1] http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-option%20splice-auto [2] https://lwn.net/Articles/666509/ [3] https://people.freebsd.org/~rrs/asiabsd_2015_tls.pdf _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
