Asymmetric speed w/ SSH Port Forwarding

Clément Péron peron.clem at gmail.com
Thu Jul 8 19:35:02 AEST 2021 

Hi,

On Wed, 7 Jul 2021 at 18:58, Clément Péron <peron.clem at gmail.com> wrote:
>
> Hi Ron
>
> On Wed, 7 Jul 2021 at 18:38, Ron Frederick <ronf at timeheart.net> wrote:
> >
> > Make sure SSH compression is disabled - this can have a massive impact on speed when it is enabled. Even though compression reduces the amount of data you need to put on the wire, potentially increasing what will fit on the link, the CPU cost to do the compression generally makes it a bottleneck on faster links like this.
>
> Added '-v' to my SSH port forwarding cmd:
>
> debug1: kex: algorithm: curve25519-sha256
> debug1: kex: host key algorithm: ecdsa-sha2-nistp256
> debug1: kex: server->client cipher: chacha20-poly1305 at openssh.com MAC:
> <implicit> compression: none
> debug1: kex: client->server cipher: chacha20-poly1305 at openssh.com MAC:
> <implicit> compression: none
>
> I did a capture with wireshark and I saw lots of [TCP Dup ACK] when
> the iperf3 was showing 0.00bits/sec.
>
> Regards,
> Clement
>
> >
> > On Jul 7, 2021, at 9:33 AM, Clément Péron <peron.clem at gmail.com> wrote:
> > > On Wed, 7 Jul 2021 at 18:12, Mara Sophie Grosch <littlefox at lf-net.org> wrote:
> > >> Just to be sure, you also checked your internet connection - at home or wherever you were at the time?
> > >
> > > Yes I did both iperf3 yesterday with and without the SSH Tunnel at the
> > > same time.
> > > I also did both tests today just before sending my first email.
> > >
> > > Speedtest of my connection gives ~920Mbps DL and ~600Mbps UP.
> > >
> > > I also did the same test from my laptop but using an Internet
> > > connection from my phone 4G to be sure it was not coming from my ISP.
> > > Without SSH Tunnel iperf3 speed is 43Mbits/s and 48 Mbits/s
> > > With SSH Tunnel iperf3 speed is 10Mbits/s and 36 Mbits/s


I redid the test at home with a different ISP Provider and I don't
have the issue anymore.

The Fiber at my office and the 4G operator were the same brand so
maybe it was using the same backhaul and they may have a "filter" in
their infrastructure.


Regards,
Clement


> > >
> > > Even over my phone the Iperf3 log is very strange in one way:
> > > [  5]   0.00-1.00   sec  15.0 MBytes   126 Mbits/sec    1   1.19 MBytes
> > > [  5]   1.00-2.00   sec  5.00 MBytes  41.9 Mbits/sec    0   1.19 MBytes
> > > [  5]   2.00-3.00   sec  1.25 MBytes  10.5 Mbits/sec    0    639 KBytes
> > > [  5]   3.00-4.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > > [  5]   4.00-5.00   sec  1.25 MBytes  10.5 Mbits/sec    0    639 KBytes
> > > [  5]   5.00-6.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > > [  5]   6.00-7.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > > [  5]   7.00-8.00   sec  1.25 MBytes  10.5 Mbits/sec    1    639 KBytes
> > > [  5]   8.00-9.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > > [  5]   9.00-10.00  sec  1.25 MBytes  10.5 Mbits/sec    0    639 KBytes
> > >
> > > I also tried another remote server and it gave me the same result.
> > > One way is OK, the other seems limited by something...
> > >
> > > Regards,
> > > Clement
> > >
> > >>
> > >> Best
> > >> Mara
> > >>
> > >> Am 7. Juli 2021 17:41:17 MESZ schrieb "Clément Péron" <peron.clem at gmail.com>:
> > >>> Hi,
> > >>>
> > >>> I was trying to have a SSH tunnel with at least 150Mbps/s in both
> > >>> directions.
> > >>>
> > >>> I have a laptop computer under Ubuntu 20.04.2 and a remote server also
> > >>> under Ubuntu 20.04.2.
> > >>>
> > >>> I measured the speed of my internet connection with Iperf3 and without
> > >>> SSH Tunnel it is OK.
> > >>> $> iperf3 -c <SERVER_IP> -p 7503
> > >>> - 500 Mbits/sec laptop -> server
> > >>> $> iperf3 -c <SERVER_IP> -p 7503 -R
> > >>> - 927 Mbits/sec laptop <- server
> > >>>
> > >>> Then I open a SSH Tunnel: laptop -> server
> > >>> $> ssh -L 7503:127.0.0.1:7503 root at my_server
> > >>>
> > >>> Doing the iperf3 test again
> > >>> $> iperf3 -c 127.0.0.1 -p 7503
> > >>> - 13.6 Mbits/sec
> > >>> $> iperf3 -c 127.0.0.1 -p 7503 -R
> > >>> - 672 Mbits/sec
> > >>>
> > >>> And now the speed is terrible from my laptop to the server.
> > >>>
> > >>> In the iperf console this looks like this
> > >>> [ ID] Interval           Transfer     Bitrate         Retr  Cwnd
> > >>> [  5]   0.00-1.00   sec  11.2 MBytes  94.3 Mbits/sec    2   1023 KBytes
> > >>> [  5]   1.00-2.00   sec  0.00 Bytes  0.00 bits/sec    1    639 KBytes
> > >>> [  5]   2.00-3.00   sec  1.25 MBytes  10.5 Mbits/sec    0    639 KBytes
> > >>> [  5]   3.00-4.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > >>> [  5]   4.00-5.00   sec  1.25 MBytes  10.5 Mbits/sec    0    639 KBytes
> > >>> [  5]   5.00-6.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > >>> [  5]   6.00-7.00   sec  1.25 MBytes  10.5 Mbits/sec    0    639 KBytes
> > >>> [  5]   7.00-8.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > >>> [  5]   8.00-9.00   sec  0.00 Bytes  0.00 bits/sec    0    639 KBytes
> > >>> [  5]   9.00-10.00  sec  1.25 MBytes  10.5 Mbits/sec    0    639 KBytes
> > >>>
> > >>> During some seconds there is no Bitrate at all :(.
> > >>>
> > >>> I understand that the SSH tunnel will add some overhead and I will
> > >>> lose around 10/20% of Bandwidth but this looks like a huge drop.
> > >>>
> > >>> Do you have any idea what can create this behavior?
> > >>>
> > >>> Thanks for your help,
> > >>> Clement
> >
> > --
> > Ron Frederick
> > ronf at timeheart.net
> >
> >
> >

More information about the openssh-unix-dev mailing list