Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 12 Nov 2015 12:51:30 -0500
From:      Allan Jude <allanjude@freebsd.org>
To:        Slawa Olhovchenkov <slw@zxy.spb.ru>
Cc:        freebsd-current@freebsd.org
Subject:   Re: OpenSSH HPN
Message-ID:  <5644D1A2.6010305@freebsd.org>
In-Reply-To: <20151112174437.GJ48728@zxy.spb.ru>
References:  <86io5a9ome.fsf@desk.des.no> <5643B3EB.1040002@FreeBSD.org> <20151112000651.GH48728@zxy.spb.ru> <5644C937.6030103@freebsd.org> <20151112174437.GJ48728@zxy.spb.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--5hPlgnp6S8thKAfOxJe24gmM2FCvvAQgG
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 2015-11-12 12:44, Slawa Olhovchenkov wrote:
> On Thu, Nov 12, 2015 at 12:15:35PM -0500, Allan Jude wrote:
>=20
>> On 2015-11-11 19:06, Slawa Olhovchenkov wrote:
>>> On Wed, Nov 11, 2015 at 01:32:27PM -0800, Bryan Drewery wrote:
>>>
>>>> On 11/10/2015 1:42 AM, Dag-Erling Sm=C3=B8rgrav wrote:
>>>>>  I would also like to remove the NONE cipher
>>>>> patch, which is also available in the port (off by default, just li=
ke in
>>>>> base).
>>>>
>>>> Fun fact, it's been broken in the port for several months with no
>>>> complaints. It was just reported and fixed upstream in the last day =
and
>>>> I wrote in a similar fix in the port. That speaks a lot about its us=
age
>>>> in the port currently.
>>>
>>> I am try using NPH/NONE with base ssh and confused: don't see
>>> performance rise, too complex to enable and too complex for use.
>>>
>>> _______________________________________________
>>> freebsd-current@freebsd.org mailing list
>>> https://lists.freebsd.org/mailman/listinfo/freebsd-current
>>> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd=
=2Eorg"
>>>
>>
>> I did a few quick (and dirty) benchmarks and it shows that the NONE
>> cipher definitely makes a difference. Version of OpenSSL also seems to=

>> make a difference, as one might expect.
>>
>> Note: openssh from ports seems to link against both base and ports
>> libcrypto, I am still trying to make sure this isn't corrupting my
>> benchmark results.
>>
>> I am still debugging my dummynet setup to be able to prove that HPN
>> makes a difference (but it does).
>>
>> https://wiki.freebsd.org/SSHPerf
>=20
> I see you test NONE only on OpenSSH_7.1p1/1.0.2d.
> I am try OpenSSH_6.6.1p1./1.0.1p (both side)
> I am got about 500Mbit/s.
> For OpenSSH_6.6.1p1/NONE I am got abot same.
>=20
> I am don't see this combination in you table (OpenSSH_6.6.1p1./1.0.1p i=
x0 OpenSSH_6.6.1p1./1.0.1p)
>=20

If NONE is actually being used, big warnings will be printed to your scre=
en:

WARNING: ENABLED NONE CIPHER
WARNING: ENABLED NONE CIPHER

If you don't see this, NONE is not being used.

--=20
Allan Jude


--5hPlgnp6S8thKAfOxJe24gmM2FCvvAQgG
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQIcBAEBAgAGBQJWRNGlAAoJEBmVNT4SmAt+oz0P/AmIjPhryi2XE29u+yRjHvG1
zyfcRAplCOW78q6G4uNVim/m+sXu0zRC3qkL8nOIhsgTyOwKOB2FXFSYYGzSTAAy
PE/32f9DoM1ZM93+PVYi/5SGWx1RxvWGyTxxRzIM925TneRScQ/roC0efO7+2ie2
6WQyUmGgvD6f++MjXj+vO0mUkGLUhqO5FRHXFtc+HZe9uzxZ1RIZ+w4uPuhwN+gi
4+HbZzakPQPaTZo9f/7foI4DZHr/GRMQ+1JQf8qQbrc4RiGucjf03KO0Kr2sn3fJ
mckY0PKcFG2tPLtB0Fc9UdzqgTRnropacVr2omkCwYC+ZLzRo8gBw+lgNqv0F4CR
5cyErR9zbvMEfzJ8Zl/rcThF8hKdQ0M4g85ASerXRvK/YmX15C1j49cV/uR5rVi7
ZMtzr1DvnQYA+ul2gaaUpK6PC7E2gQM5EVIZwyKWX7ie+aHN9CPSu4+/lhoQKTqK
f7K5pCpHWv7oMSbzYDXEs7N0cycGVsYFFmSNqOZ+V0kVpdIbUPwCBzvoeA+q1P7a
8CwoE8xd2UUq0f4FW5DcQcGxM2EPuQVN8/5nejhRdFaFLZ/UKmP3MVWvVvO7uEGh
JpsNc+mTt/+8tJyLaHFD98lMDyDyH3MzT+PpLaZnqHli4q+Motx6i622vaqsnwuy
kxh71YAGQCOBaftMSeEw
=geei
-----END PGP SIGNATURE-----

--5hPlgnp6S8thKAfOxJe24gmM2FCvvAQgG--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5644D1A2.6010305>