New Set of High Performance Networking Patches Available

Chris Rapier rapier at psc.edu
Sat Jun 18 05:50:33 EST 2005 

http://www.psc.edu/networking/projects/hpn-ssh/

Mike Stevens and I just released a new set of high performance 
networking patches for OpenSSH 3.9p1, 4.0p1, and 4.1p1. These patches 
will provide the same set of functionality across all 3 revisions. New 
functionality includes

1) HPN performance even without both sides of the connection being HPN 
enabled. As long as the bulk data flow is in the direction of the HPN 
side you should see improved performance. I've measure 200Mb/s to an HPN 
server from a non HPN client and vice versa.

2) HPN client can now set the local tcp receive buffer on a per 
connection basis. Using the -w option allows the client to override the 
local tcp receive window settings up to the maximum tcp buffer size. 
This is just a setsockopt() call really.

3) NONE cipher switching now available for all revisions. This *is* a 
separate set of patches so it doesn't have to be part of your HPN 
install if you don't want the additional risk associated with NONE. It 
is important to note that the NONE cipher is only used *after* 
authentication takes place. During authentication the default or user 
specified cipher will be used. It should not be very easy to accidental 
switch over to NONE in an interactive session. Of course, the user has 
to accept that there are additional risks.

We're seeing very good throughput - up to 280Mb/s with the arcfour 
cipher. We're actually being limited by the disk speed in this case as 
cpu load is still under 60% on our test machines.

You can find the patches here
http://www.psc.edu/networking/projects/hpn-ssh/

Note: All we are doing is allowing SSH to make better use of the network 
available to it. People on networking paths with a bandwidth delay 
product lower that 64KB won't see an improvement in throughput. You 
should also make sure that the TCP stack on both sides are properly 
tuned for high performance networking.

Comments, questions, observations, bug reports, and the like are 
welcome. We'll have some more stuff out in the next month or so 
hopefully (not patches).

Chris Rapier, PSC
Mike Stevens, CMU

More information about the openssh-unix-dev mailing list