On Thu, 9 Sep 2004, jason wrote: > >>If you're not already disabling harvesting of entropy on interrupts and > >>in network processing, you really want to for performance purposes. > >> > > > >How do I disable this without causing entropy starvation for "typical" use > >cases (ssl? ssh?)? I googled a bit and found nothing at all about how to > >disable excessive harvesting. > > > ># sysctl -a | grep harvest > >kern.random.sys.harvest.ethernet: 1 > >kern.random.sys.harvest.point_to_point: 1 > >kern.random.sys.harvest.interrupt: 1 > >kern.random.sys.harvest.swi: 0 > > > >These are the knobs I know about. Is it enough to turn > >kern.random.sys.harvest.ethernet and kern.random.sys.harvest.interrupt to 0, > >or are there other things I need to do too? I'd set kern.random.sys.harvest.ethernet to 0 because the incremental benefits beyond harvesting the interrupt are pretty low. > That is what I did. I have not bench marked, but I did allot of > searching on the web and reading man pages. I just can't make the > changes permanent. When I put them in loader.conf they seem to be > ignored. Any suggestions to make it stick? I've CC'd markm because he's probably interested -- right now, you have to set it in /etc/sysctl.conf because a tunable is not defined. I think it would be a good idea to make them tunable, however, as well. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert_at_fledge.watson.org Principal Research Scientist, McAfee ResearchReceived on Fri Sep 10 2004 - 01:02:06 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:11 UTC