Re: OpenSSH HPN

From: Allan Jude <allanjude_at_freebsd.org>
Date: Thu, 12 Nov 2015 12:51:30 -0500
On 2015-11-12 12:44, Slawa Olhovchenkov wrote:
> On Thu, Nov 12, 2015 at 12:15:35PM -0500, Allan Jude wrote:
> 
>> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
>>> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
>>>
>>>> On 11/10/2015 1:42 AM, Dag-Erling Smørgrav wrote:
>>>>>  I would also like to remove the NONE cipher
>>>>> patch, which is also available in the port (off by default, just like in
>>>>> base).
>>>>
>>>> Fun fact, it's been broken in the port for several months with no
>>>> complaints. It was just reported and fixed upstream in the last day and
>>>> I wrote in a similar fix in the port. That speaks a lot about its usage
>>>> in the port currently.
>>>
>>> I am try using NPH/NONE with base ssh and confused: don't see
>>> performance rise, too complex to enable and too complex for use.
>>>
>>> _______________________________________________
>>> freebsd-current_at_freebsd.org mailing list
>>> https://lists.freebsd.org/mailman/listinfo/freebsd-current
>>> To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"
>>>
>>
>> I did a few quick (and dirty) benchmarks and it shows that the NONE
>> cipher definitely makes a difference. Version of OpenSSL also seems to
>> make a difference, as one might expect.
>>
>> Note: openssh from ports seems to link against both base and ports
>> libcrypto, I am still trying to make sure this isn't corrupting my
>> benchmark results.
>>
>> I am still debugging my dummynet setup to be able to prove that HPN
>> makes a difference (but it does).
>>
>> https://wiki.freebsd.org/SSHPerf
> 
> I see you test NONE only on OpenSSH_7.1p1/1.0.2d.
> I am try OpenSSH_6.6.1p1./1.0.1p (both side)
> I am got about 500Mbit/s.
> For OpenSSH_6.6.1p1/NONE I am got abot same.
> 
> I am don't see this combination in you table (OpenSSH_6.6.1p1./1.0.1p ix0 OpenSSH_6.6.1p1./1.0.1p)
> 

If NONE is actually being used, big warnings will be printed to your screen:

WARNING: ENABLED NONE CIPHER
WARNING: ENABLED NONE CIPHER

If you don't see this, NONE is not being used.

-- 
Allan Jude


Received on Thu Nov 12 2015 - 16:51:14 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:00 UTC