On Sun, Jul 25, 2010 at 06:54:55AM -0400, Zetas wrote:
> I've been doing some performance tests and I'd like to see what you guys think
> of what I'm getting, if it could be faster by setting the rvm log and/or data
> files differently or what.

RVM shouldn't make that much of a difference as it is only used for the meta-data (directory contents and attribute information). A file would get transferred directly from a container file on the server in /vicepa/ to the client's container file in /var/lib/coda/cache/.

Now the file transfer protocol will probably never set speed records. All packets are sent using UDP so everything including retransmissions runs completely in userspace. RPC2/SFTP has a trick up its sleeve that we aren't really using that much anymore: it can send to several machines in parallel, overlapping waiting for acks, and sends a file to three servers in the same amount of time it takes to send it to a single one. (On the other hand, this is only possible because timing-wise we cannot saturate the link with only a single data transfer.)

> Over the openvpn we have, i get about 210Kbps, so it would seem the open
> Internet is about 5 times faster. I expected some performance hit from the
> security, but not that much.

Well, openvpn requires additional trips back up to userspace, to the OpenVPN daemon, which encrypts and then sends it back out. This introduces additional latency and the SFTP window is pretty small, only about 32KB at most and typically around 8KB, so latency is definitely noticeable. The throughput is windowsize / roundtrip time, i.e. if you are seeing about 210 Kbps, then the RTT through the openvpn is probably ~40ms, while the direct connection is getting around 5ms RTT.

This is all if you are talking about a client fetching files from a server.

When writing to the server things are very different (files are written back in small chunks) and when resolving between servers the data may be going back and forth several times as all sides are shipping each other a set of possibly missed operations and compare each other's directory contents at the end to see if resolution succeeded.

> if we have to go over the open Internet to gain that performance boost, what
> kind of innate security does coda provide, is there any kind of data encryption

It uses AES-based packet-level encryption. The encryption is heavily inspired by IPsec, effectively IPsec but implemented at the UDP level and managed by the application instead of the operating system.

See also secure/README.secure in the RPC2 sources,
http://www.coda.cs.cmu.edu/cgi-bin/gitweb.cgi?p=rpc2.git;a=blob;f=secure/README.secure;h=b220eda9d3bdc543e6e49cc0dccee0c9ffb67b2d;hb=HEAD

Jan

Received on 2010-07-25 23:18:16