[Tor-BSD] Performance loss migrating Linux -> FreeBSD

George Rosamond george at ceetonetechnology.com
Sun Apr 10 12:37:11 EDT 2016


On 04/10/16 05:57, failure wrote:
> Hello,
> 
> thanks for your answers.
> 
>> [notice] We were built to run on a 64-bit CPU, with OpenSSL 1.0.1 or
>> later, but with a version of OpenSSL that apparently lacks accelerated
>> support for the NIST P-224 and P-256 groups. Building openssl with such
>> support (using the enable-ec_nistp_64_gcc_128 option when configuring
>> it) would make ECDH much faster.
> 
> Yes this message appeared in the tor log (no other error messages
> elsewhere). Now I installed OpenSSL from ports and disabled pf (I know,
> two knobs at a time...). Max throughput increased to ~80 Mbit/s not
> hitting full CPU load. With this configuration the server seems to be
> back at the linux max. performance.
> 
> Now I enabled pf again with some "quick" keywords added to the ruleset
> and am waiting for ~24h to see what happens.
> 
> After that I'll test Marks suggestions one at a time and maybe also give
> libressl a try.
> 
> I'll report back when finished.
> 
> Thanks again!

Let us know, definitely.

Also: https://blog.torproject.org/blog/lifecycle-of-a-new-relay,
although as some ppl on this list can say, don't assume guard status...
nomad?

And to reiterate a point I often reference on testing, see Kode Vicious
from ACM's Queue:  https://queue.acm.org/detail.cfm?id=2732268

I know there are the biggest BSD relay operators on this list, and I'd
love to hear their input, tweaks, etc, if any.

At some point when a number of factors come together, we'll be bringing
up the two NYI relays on 100Mbps pipes. All the relays and bridges I've
operated previously have been using bandwidth a fraction of that.

g



More information about the Tor-BSD mailing list