(Illustration by Gaich Muramatsu)
> On Sun, Jul 25, 2010 at 06:54:55AM -0400, Zetas wrote: >> I've been doing some performance tests and i'd like to see what you guys think >> of what im getting, if it could be faster by setting the rvm log and/or data >> files differently or what. > > RVM shouldn't make that much of a difference as it is only used for the > meta-data (directory contents and attribute information). A file would > get transferred directly from a container file on the server in /vicepa/ > to the client's container file in /var/lib/coda/cache/. > > Now the file transfer protocol will probably never set speed records. > All packets are sent using UDP so everything including retransmissions > runs completely in userspace. RPC2/SFTP has a trick up it's sleeve that we > aren't really using that much anymore, it can send to several machines > in parallel overlapping waiting for ack's and sends a file to three > servers in the same amount of time it takes to send it to a single one. > (on the other hand this is only possible because timing wise we cannot > saturate the link with only a single data transfer) > >> Over the openvpn we have, i get about 210Kbps, so it would seem the open >> Internet is about 5 times faster. I expected some performance hit form the >> security, but not that much. > > Well, openvpn requires additional trips back up to userspace, to the > OpenVPN daemon, which encrypts and then sends it back out. This > introduces additional latency and the SFTP window is pretty small, only > about 32KB at most and typically around 8KB so latency is definitely > noticable. The throughput is windowsize / roundtrip time, i.e. if you > are seeing about 210 Kbps, then the RTT through the openvpn is probably > ~40ms, while the direct connection is getting around 5ms RTT. > > This is all if you are talking about a client fetching files from a > server. When writing to the server things are very different (files are > written back in small chunks) and when resolving between servers the > data may be going back and forth several times as all sides are shipping > each other a set of possibly missed operations and compare each other's > directory contents at the end to see if resolution succeeded. > >> if we have to go over the open Internet to gain that performance boost, what >> kind of innate security does coda provide, is there any kind data encryption > > It uses AES-based packet level encryption. The encryption is heavily > inspired by IPsec, effectively IPsec but implemented at the UDP level > and managed by the application instead of the operating system. > > See also secure/README.secure in the RPC2 sources, > > http://www.coda.cs.cmu.edu/cgi-bin/gitweb.cgi?p=rpc2.git;a=blob;f=secure/README.secure;h=b220eda9d3bdc543e6e49cc0dccee0c9ffb67b2d;hb=HEAD > > Jan > > Jan, Awesome, thanks for such a complete explanation, im glad to see it has innate security, looks like we will go over the open internet to achieve the speed boost. -DavidReceived on 2010-07-25 23:28:40