SSH Compression - Block Deduplication

Matt Olson molson at atlantis.oceanconsulting.com
Wed Sep 14 02:28:24 EST 2011


Morty,

There are good alternatives like VNC with better performance.  When 
working with a lot of hosts, VNC requires setup on each (as you 
indicated).  X is ready to fire up as soon as you login.

x11vnc: at your suggestion I tried it.  Performance is very good, if you 
want to display the entire desktop.

I think the X11 client/server model is cleaner from the user point of 
view.  It's the only GUI implementation I know of that actually splits 
display from the application in a client/server model; which allows you to 
work with applications from multiple hosts seemlessly in a single 
window manager.  I do think this model is cleaner from the user 
perspective and deserves continued support.

X11 is dated, has security and performance issues, all the normal 
criticisms.

The approach of possibly improving gzip/LZ77 performance still semms like 
it might be worth while and have value beyond X11 tunneling.

Matt

On Mon, 12 Sep 2011, Morty Abzug wrote:

> On Mon, Sep 12, 2011 at 08:26:41AM -0700, Matt Olson wrote:
>
>> Nomachine, being a commercial product, is not likely to achieve ubiquity.
> [snip]
>> I may look around and see if I can find a library that does another
>> layer of tunneling or a Xorg addon to provide deduplication.
>
> Have you looked at VNC?  Especially the x11vnc implementation, in
> service mode, with "Tight" encoding.  IME, one gets amazingly good
> performance via that specific combination.  Use it in service mode and
> you can do one master port redirection instead of per-user port
> redirection.  This makes X11 useful even over slow WAN links.
>
> If you have a COTS WAN dedupe, I would be curious to see how raw x11 +
> block dedupe does against VNC in Tight encoding mode with a poorly
> behaved app, such as wireshark with gtk2+.  X11 has at least three
> subtleties that create unnecessary traffic: (1) X11 applications can
> redraw themselves even when there has been no change within the app;
> (2) applications can communicate all kinds of data to the X server
> that isn't actually user-visible; (3) pointer movements result in a
> lot of data traffic across the network.  Block-level dedupe can, at
> best, only reduce that traffic.  Tight VNC can completely eliminate
> the first two, and enormously reduce most of the need for the latter.
> So I would expect Tight VNC to perform better than block dedupe.  But
> a test would be a lot better. . .
>
> That said, setting up VNC currently requires additional effort.  Doing
> something like this transparently in openssh would save a lot of
> trouble.
>
> - Morty
>


More information about the openssh-unix-dev mailing list