Any alternatives to NONE cipher ssh or bbcp for gigabit+ zfs send/recv?
Niclas Zeising
zeising+freebsd at daemonic.se
Thu Aug 8 17:37:11 UTC 2019
On 2019-08-08 19:13, Freddie Cash wrote:
> We have gigabit fibre between our main data centre and our off-site data
> centre across town. We do zfs send/recv of our backups between the sites
> over a dedicated gigabit fibre link. Our ZFS storage servers are running
> older AMD Opteron (pre-bulldozer) CPUs, so there's very little in the way
> of encryption extension support.
>
> Running zfs send/recv over regular SSH gives horrible throughput (100-250
> Mbps max).
>
> In the past, we compiled the openssh-portable port with the HPN patches and
> NONE cipher. That allowed us to saturate the gigabit link for zfs
> send/recv and rsync transfers. Then those were removed from the port and
> base OpenSSH. (There were patches floating around for awhile, but we try
> not to build from source anymore.)
>
> Then we found bbcp, which works great for the zfs send/recv process,
> saturating the gigabit link. Doesn't work for rsync, but that's okay (we
> only use rsync for our regular backup process, and that's limited by the
> remote school's Internet link).
>
> An update [1] to the bbcp port broke some things, but we found the magical
> combination of command-line options to make it work reliably in our
> environment. And a project was underway to update bbcp [2] to a newer
> version and make it work better on FreeBSD, but it fizzled out. And now
> the bbcp port has been removed.
>
> We have an archived copy of the bbcp package that works for us on FreeBSD
> 12 (amd64). We'll continue to use that as long as it works (probably until
> FBSD 12 is EoL).
>
> Are there any alternatives to HPN/NONE cipher / bbcp to allow an older
> Opteron system to saturate a gigabit link with zfs send/recv or rsync?
> This is strictly over a private network, so encryption is only needed for
> the authentication bit, not for the actual data transfer. Preferably
> something that's available in the ports tree as a binary package. :)
>
> Suggestions?
>
> [1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197035
> [2] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229115
>
> (Thanks to all who attempted to keep bbcp working on FreeBSD. Sounds like
> it wasn't much fun, but we really appreciate the effort.)
>
Hi!
If you completely trust the network, and don't need any authentication,
you can use netcat.
Regards
--
Niclas
More information about the freebsd-ports
mailing list