Re: FreeBSD 5.3 Bridge performance take II

From: Brooks Davis <brooks_at_one-eyed-alien.net>
Date: Thu, 9 Sep 2004 19:54:26 -0700
On Thu, Sep 09, 2004 at 09:28:44PM -0400, jason wrote:
> Daniel Eriksson wrote:
> 
> >Robert Watson wrote:
> >
> > 
> >
> >>If you're not already disabling harvesting of entropy on interrupts and
> >>in network processing, you really want to for performance purposes.
> >>   
> >>
> >
> >How do I disable this without causing entropy starvation for "typical" use
> >cases (ssl? ssh?)? I googled a bit and found nothing at all about how to
> >disable excessive harvesting.
> >
> ># sysctl -a | grep harvest
> >kern.random.sys.harvest.ethernet: 1
> >kern.random.sys.harvest.point_to_point: 1
> >kern.random.sys.harvest.interrupt: 1
> >kern.random.sys.harvest.swi: 0
> >
> >These are the knobs I know about. Is it enough to turn
> >kern.random.sys.harvest.ethernet and kern.random.sys.harvest.interrupt to 
> >0,
> >or are there other things I need to do too?
> >
> >/Daniel Eriksson
> > 
> >
> That is what I did.  I have not bench marked, but I did allot of 
> searching on the web and reading man pages.  I just can't make the 
> changes permanent.  When I put them in loader.conf they seem to be 
> ignored.  Any suggestions to make it stick?

The values are set in the /etc/rc.d/initrandom script.  Add the
following to your rc.conf to diable interrupt and ethernet entropy
gathering:

harvest_interrupt="NO"
harvest_ethernet="NO"

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

Received on Fri Sep 10 2004 - 01:02:30 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:11 UTC