|Re: Replication for read-scalability||Josiah Carlson||2/1/12 10:06 AM|
In SSH, SSL, and OpenVPN, the expensive part is the initial connection
handshake where all of the RSA/DSA stuff occurs. After an initial key
exchange (with signature checks determined by the protocol),
everything is transferred by one of a few different fairly high
performance algorithms. If you are really concerned about performance,
use RC4 or AES, the former of which will do 350 megs/second on a
single core of a 2.4 ghz core 2 duo, with AES-128 at 180 megs/second.
You can benchmark them on your platform using: 'openssl speed rc4 aes
Despite the bad press against RC4 due to WEP cracking, RC4 itself is
In terms of performance, CPU, etc., use encryption for
If anyone has specific questions about specific software, ask here or
On Wed, Feb 1, 2012 at 7:01 AM, Jak Sprats <jaks...@gmail.com> wrote:
|Re: Replication for read-scalability||Russell Sullivan||2/1/12 8:13 PM|
wow, that was a wealth of information ... you could just take what you
thanks for the info, if you do blog on it, please post it here, so we
On Feb 1, 3:06 pm, Josiah Carlson <josiah.carl...@gmail.com> wrote:> option (readhttp://vincent.bernat.im/en/blog/2011-ssl-benchmark-round2.html
> set up password-less logins:http://lani78.wordpress.com/2008/08/08/generate-a-ssh-key-and-disable...
> > For more options, visit this group athttp://groups.google.com/group/redis-db?hl=en.
|Re: Replication for read-scalability||Josiah Carlson||2/1/12 8:53 PM|
On Wed, Feb 1, 2012 at 8:30 PM, Jak Sprats <jaks...@gmail.com> wrote:
> Hi Josiah,
> looking at the benchmarks, in the article:
> the max numbers are about 2.5K TPS
> request/response payload is 1K
> It is an 8 core system effectively using different cores.
> At a 1K payload redis can do maybe 10X this thruput (i.e. about 25K
> TPS) ... I think Didier has some numbers on redis speeds at different
> payload sizes (dont know how comparable the cpus are).
> So here is a 10 to 1 disjoint, which would result in a backQ (i.e. the
> stunnel/stud/nginx-tunnel could not keep up).
Here's the thing: that is creating and throwing away connections
If you are replicating data from server A to B (or from A to B,C,...),
> I dont have the hardware to test this stuff, otherwise I just would. I
Don't let them. Unless your slave is reconnecting thousands of times a
To be more specific. This is the output I get from 'openssl speed rsa':
Given that 1024 bits is 128 bytes, using 1024 bit RSA encryption, I
> I am kind of guessing at all of these numbers, so none of this is
Don't throw the baby out! Those are times for creating connections,
> if anyone has any real world numbers on maximum WAN replication speed,
I think I'll have time to write the blog post on Saturday, which will