hitch is a network proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend. It’s designed to handle 10s of thousands of connections efficiently on multicore machines.
It follows a process-per-core model; a parent process spawns N children who each
accept() on a common socket to distribute connected clients among them. Within each child, asynchronous socket I/O is conducted across the local connections using
OpenSSL‘s nonblocking API. By default,
hitch has an overhead of ~200KB per connection–it preallocates some buffer space for data in flight between frontend and backend…”