Date: Wed, 11 Nov 2015 15:32:49 +0300 From: Slawa Olhovchenkov <slw@zxy.spb.ru> To: John-Mark Gurney <jmg@funkthat.com> Cc: Dag-Erling =?utf-8?B?U23DuHJncmF2?= <des@des.no>, freebsd-security@freebsd.org, freebsd-current@freebsd.org Subject: Re: OpenSSH HPN Message-ID: <20151111123249.GC48728@zxy.spb.ru> In-Reply-To: <20151110175216.GN65715@funkthat.com> References: <86io5a9ome.fsf@desk.des.no> <20151110175216.GN65715@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 10, 2015 at 09:52:16AM -0800, John-Mark Gurney wrote: > Dag-Erling Smrgrav wrote this message on Tue, Nov 10, 2015 at 10:42 +0100: > > Therefore, I would like to remove the HPN patches from base and refer > > anyone who really needs them to the openssh-portable port, which has > > them as a default option. I would also like to remove the NONE cipher > > patch, which is also available in the port (off by default, just like in > > base). > > My vote is to remove the HPN patches. First, the NONE cipher made more > sense back when we didn't have AES-NI widely available, and you were > seriously limited by it's performance. Now we have both aes-gcm and > chacha-poly which it's performance should be more than acceptable for > today's uses (i.e. cipher performance is 2GB/sec+). > > Second, I did some testing recently due to a thread on -net, and I > found no significant (not run statistically though) difference in > performance between in HEAD ssh and OpenSSH 7.1p1. I started a wiki > page to talk about this: > https://wiki.freebsd.org/SSHPerf Hmm, I see in this page max speed 20MB/sec. This is too small. What is problem? With modern 40G NIC wanted speed about 20Gbit/s. 10Gbit/s at least.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151111123249.GC48728>