From owner-freebsd-net@FreeBSD.ORG Sat Aug 13 10:28:18 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D0978106564A for ; Sat, 13 Aug 2011 10:28:18 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) by mx1.freebsd.org (Postfix) with ESMTP id 5FC528FC12 for ; Sat, 13 Aug 2011 10:28:18 +0000 (UTC) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 4CA4425D388C; Sat, 13 Aug 2011 10:28:17 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 44571BD3C84; Sat, 13 Aug 2011 10:28:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id E5ac3fjtKbuC; Sat, 13 Aug 2011 10:28:14 +0000 (UTC) Received: from orange-en1.sbone.de (orange-en1.sbone.de [IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id 186C0BD3C1C; Sat, 13 Aug 2011 10:28:14 +0000 (UTC) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: "Bjoern A. Zeeb" In-Reply-To: Date: Sat, 13 Aug 2011 10:28:13 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: <0C8F244C-CB37-4039-97D2-42C08B3BEA76@lists.zabbadoz.net> References: <20110812214309.GI72508@2bithacker.net> To: Kevin Oberman X-Mailer: Apple Mail (2.1084) Cc: freebsd-net@freebsd.org, chip@2bithacker.net Subject: Re: Odd TCP RFC1323 Behavior X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Aug 2011 10:28:19 -0000 On Aug 12, 2011, at 11:36 PM, Kevin Oberman wrote: > On Fri, Aug 12, 2011 at 2:43 PM, Chip Marshall = wrote: >> I've been digging into an issue with SSH throughput and >> discovered that one of the servers involved isn't using RFC1323 >> window scaling and timestamps. >>=20 >> The server is running 7.3-RELEASE-p3, and has >> net.inet.tcp.rfc1323 set to 1. >>=20 >> When connecting out from the server, it sets both Window Scale >> and TimeStamp options in the SYN packet and everything is fine. >>=20 >> When a connection comes into the server with WS and TS set in >> the SYN, the response varies. For port 53 (named) the SYN/ACK >> has WS/TS options. For port 22 (sshd) the SYN/ACK does not have >> WS/TS options, unless the connection is via lo0. >>=20 >> ssh is OpenSSH_5.2p1, compiled from ports with default options. >>=20 >> I'm really at a loss to explain this. >>=20 >> Why does named use RFC1323 on bce0 when sshd doesn't? >> Why does sshd use RFC1323 on lo0 but not on bce0? >>=20 >> I can provide PCAPs of the SYN, SYN/ACK exchanges if that >> will help. >=20 > Try installing security/openssh-portable from ports and enable the HPN = patches. and let me point out that the relevant patch is in stock HEAD and will = ship by default with 9.0. >=20 > As it stands today, openssh locks the window size to a tiny value. > This causes performance over wide area links to be simply terrible. >=20 > Take a look at http://fasterdata.es.net/fasterdata/say-no-to-scp/ for > more information on the issue. As you will see there, window scaling > is the least of the performance issues with openssh. > --=20 > R. Kevin Oberman, Network Engineer - Retired > E-mail: kob6558@gmail.com > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" --=20 Bjoern A. Zeeb You have to have visions! Stop bit received. Insert coin for new address family.