Re: speeding up zfs send | recv (update)

In reply to: Freddie Cash : "Re: speeding up zfs send | recv (update)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Charles Sprickman <spork_at_bway.net>
Date: Wed, 22 Feb 2023 22:22:32 UTC
> On Feb 22, 2023, at 4:43 PM, Freddie Cash <fjwcash@gmail.com> wrote:
> 
> [Sorry for top part, GMail sucks for replies.]
> 
> If this is a LAN or private WAN where you trust the network, piping the send stream through netcat will remove ssh from the equation.
> 
> That's what we switched to using once it became almost impossible to get the "none" cipher working with ssh on FreeBSD.
> 
> We use ssh to connect to the remote server and enable a netcat listener on port X, then pipe the send through netcat to the remote system on port X. That way it's logged and uses ssh for authentication.
> 
> We easily saturate gigabit links between our ZFS systems using netcat.

This is kind of tangential, but is there any ssh client/server that is able to make use of multiple CPU cores or is that just not easily possible?

The first set of hosts I worked with that had 10Gb/s internal network ports kind of showed me how much of a bottleneck trying to encrypt with a single core is.

If using netcat or similar to avoid the ssh overhead, can IPSEC or a VPN option (wireguard?) be a bit of a workaround? Do any VPN implementations on FreeBSD put multiple cores to use?

Thanks,

Charles

> 
> 
> 
> Cheers,
> Freddie
> 
> Typos due to smartphone keyboard.
> 
> On Wed., Feb. 22, 2023, 1:31 p.m. Miroslav Lachman, <000.fbsd@quip.cz <mailto:000.fbsd@quip.cz>> wrote:
> On 22/02/2023 22:08, mike tancsa wrote:
> > On 2/22/2023 4:03 PM, Miroslav Lachman wrote:
> >> Interresting numbers. I think I am the only one who get best speed 
> >> with chacha20-poly1305@openssh.com <mailto:chacha20-poly1305@openssh.com>
> >>
> >>
> >> It seems the speed of SSH is limited by single core performance which 
> >> is very poor on this machine (Intel(R) Pentium(R) Dual  CPU E2160). 
> >> Even if CPU has 50% idle, ssh runs on 99.8% of single core.
> > 
> > The CPU I have has
> > aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS> on motherboard
> > 
> > which probably helps.
> 
> That explains it
> aesni0: No AES or SHA support.
> 
> >> I know there were some HPN patches to ssh, beside that is there any 
> >> option I can try to use less CPU?
> >>
> >> I will play with cpuset to pin ssh on one core and everything else on 
> >> the other core.
> > 
> > It looks like you are running into a CPU bottleneck TBH
> 
> Yes. Pinning on cores with cpuset helps a bit (about +3MiB/s) but 
> without some tweaks on ssh I will not gain more speed :(
> 
> Thank you for your help!
> 
> Miroslav Lachman
> 
>