From owner-freebsd-current@freebsd.org Thu Nov 12 22:57:06 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B769FA2E3CA for ; Thu, 12 Nov 2015 22:57:06 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from mx1.scaleengine.net (mx1.scaleengine.net [209.51.186.6]) by mx1.freebsd.org (Postfix) with ESMTP id 7BE131E0D for ; Thu, 12 Nov 2015 22:57:05 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from [10.1.1.2] (unknown [10.1.1.2]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id CF688D4A3; Thu, 12 Nov 2015 22:57:04 +0000 (UTC) Subject: Re: OpenSSH HPN To: John-Mark Gurney References: <86io5a9ome.fsf@desk.des.no> <5643B3EB.1040002@FreeBSD.org> <20151112000651.GH48728@zxy.spb.ru> <5644C937.6030103@freebsd.org> <20151112175603.GZ65715@funkthat.com> Cc: freebsd-current@freebsd.org From: Allan Jude X-Enigmail-Draft-Status: N1110 Message-ID: <56451953.8070105@freebsd.org> Date: Thu, 12 Nov 2015 17:57:23 -0500 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 MIME-Version: 1.0 In-Reply-To: <20151112175603.GZ65715@funkthat.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="77jrLpvQPtWS3Pa7K69NDO3H2QlctEkt2" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Nov 2015 22:57:06 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --77jrLpvQPtWS3Pa7K69NDO3H2QlctEkt2 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2015-11-12 12:56, John-Mark Gurney wrote: > Allan Jude wrote this message on Thu, Nov 12, 2015 at 12:15 -0500: >> On 2015-11-11 19:06, Slawa Olhovchenkov wrote: >>> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote: >>> >>>> On 11/10/2015 1:42 AM, Dag-Erling Sm=F8rgrav wrote: >>>>> I would also like to remove the NONE cipher >>>>> patch, which is also available in the port (off by default, just li= ke in >>>>> base). >>>> >>>> Fun fact, it's been broken in the port for several months with no >>>> complaints. It was just reported and fixed upstream in the last day = and >>>> I wrote in a similar fix in the port. That speaks a lot about its us= age >>>> in the port currently. >>> >>> I am try using NPH/NONE with base ssh and confused: don't see >>> performance rise, too complex to enable and too complex for use. >> >> I did a few quick (and dirty) benchmarks and it shows that the NONE >> cipher definitely makes a difference. Version of OpenSSL also seems to= >> make a difference, as one might expect. >> >> Note: openssh from ports seems to link against both base and ports >> libcrypto, I am still trying to make sure this isn't corrupting my >> benchmark results. >=20 > You don't need the aesni.ko module loaded for OpenSSL (which is how > OpenSSH uses most crypto algos) to use AES-NI.. >=20 > Also, do you set any sysctl's to play w/ the buffer sizes or anything? >=20 >> I am still debugging my dummynet setup to be able to prove that HPN >> makes a difference (but it does). >=20 > Does my example on the page not work for you? >=20 >> https://wiki.freebsd.org/SSHPerf >=20 I found that when I set even 5ms of delay with dummynet, bandwidth over the LAN drops more than it should. Dummynet is limiting the rate rather than just adding the delay. I am investigating. I found this document: http://www.cs.unc.edu/~jeffay/dirt/FAQ/hstcp-howto.pdf Which is from the 6.x era, but suggests: "One subtle bug exists in the stock Dummynet implementation that should be corrected for experiments. When a packet arrives in dummynet it is shoved into a queue which limits the bandwidth a TCP flow may use. Upon exit from the queue, the packet is transferred to a pipe where it sits for any configured amount of delay time and might possibly be dropped depending on the loss probability. Once the delay time has passed, the packet is released to ip output." May be the cause of my problem --=20 Allan Jude --77jrLpvQPtWS3Pa7K69NDO3H2QlctEkt2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJWRRlWAAoJEBmVNT4SmAt+e4sQAKVQMfoPEIu7LRPlRH3X+qEZ DEJn4EBqxuO0mMvTjHPt1qLYhHiYXuJOiQiuTUHuknihG6XYpNJJftwTWf0ybYrg jwtMpWjB74ylFZ1RR0ic3W1+xbNbDVtjqm/dbMfxOivgoLmPY9KpQMFeMX6X48Gz gy3jvGeHJPh+GKb8ygIt6CIGBzCeXpSeIbfyoWTHX1tKk+k01+vW0UFVlC4bVr5C opsxaulXVlOEo+TRbRILdrEIRItidRBcBEX8MpI5D/V3peKYp8iobnsrr+Hbk9nB FgMd05RLWGCIWL3K+0ppib4kIztwykf2VrYPn9tooq2a6QaJVedeEtQjacwEtbdH ss7v5j9Gj9IP+e87SuYLt6S1EyMyxjhM0K0ocsqchDdcFLuG1kjAJ9/e2VXd8BRC oBQvPHsQ9WA9xLD+pGEF0A7Lq1arsvmUo4hrhmunL16cyrmvqWXqwRpUnUpRqaMy JoTIHICLUPGamyTYW+7EXBjXrAs6eoiTPcVaSJSkitVbx2Wmrmfcuy8gmTRdXXZ6 PHP4eWBz7hwPvSqeLwF6zPobykrdCj9WxLAYDTy5+SdWDkEbEeLWyRfMel+Z+u/I AeGtihJpjDBKzxrPsy+yTya0Lb8q6ZEuXg4tl7auSysTnmLn4ahjCNBWt5L8zj+I 7ukD03NgMunAGgghJnod =PGWq -----END PGP SIGNATURE----- --77jrLpvQPtWS3Pa7K69NDO3H2QlctEkt2--