Re: Less OT: Here's a Solaris crypto acceleration branch to try.
Andrew Lewman schrieb: > On 10/14/2009 02:18 PM, Roger Dingledine wrote: > > Looks like he captured the call graph soon after he turned on his Tor. > > Yes, the callgraph was to see what code pathways are called on startup > of my relay at the time. sorry, I wasn't aware of this. Nevertheless the time spent in aes crypto appeares to be overestimated. "openssl speed aes" gives > 200.000k bytes per second on my active exit node with aes-128 cbc. Since this is more than 1 Gbit/s aes crypto in theory and on the other hand 1 Mbit/s traffic costs about 1% one core cpu cycles in real world I supposed only about 10% cpu cycles spent in openssl aes crypto. Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Less OT: Here's a Solaris crypto acceleration branch to try.
On 10/14/2009 02:18 PM, Roger Dingledine wrote: > Looks like he captured the call graph soon after he turned on his Tor. Yes, the callgraph was to see what code pathways are called on startup of my relay at the time. I don't have enough CPU and memory to run a callgraph of an active server. -- Andrew Lewman The Tor Project pgp 0x31B0974B Website: https://torproject.org/ Blog: https://blog.torproject.org/ Identi.ca: torproject *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Less OT: Here's a Solaris crypto acceleration branch to try.
On Wed, Oct 14, 2009 at 07:47:36PM +0200, Olaf Selke wrote: > Hi list, > > according Phobos' posting from February this year Tor doesn't spend as > much time within AES crypto as commonly expected. Pls look here: > http://interloper.org/tmp/tor/2009-02-27-tor-callgrind-0.png That callgraph looks like it didn't handle much traffic. 10% of the cpu time was spend loading the geoip file? Looks like he captured the call graph soon after he turned on his Tor. --Roger *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Less OT: Here's a Solaris crypto acceleration branch to try.
On Wed, 14 Oct 2009, Olaf Selke wrote: according Phobos' posting from February this year Tor doesn't spend as much time within AES crypto as commonly expected. Pls look here: http://interloper.org/tmp/tor/2009-02-27-tor-callgrind-0.png An Intel C2D E8600 cpu for about 200 Euro bucks can handle at least 100 MBit/s tor traffic in software. Thanks for passing this along. What load does a typical "modern" CPU like that have while running 100 mbps ? Further, when this analysis was done, how much of that traffic was established traffic and how much of it was the brokering of new connections ? It is my understanding that running established connections at a high rate is indeed trivial, but running a high rate of constant new connections (lots of asymmetric work there) is where the difficulty lies... Comments ? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Less OT: Here's a Solaris crypto acceleration branch to try.
Hi list, according Phobos' posting from February this year Tor doesn't spend as much time within AES crypto as commonly expected. Pls look here: http://interloper.org/tmp/tor/2009-02-27-tor-callgrind-0.png An Intel C2D E8600 cpu for about 200 Euro bucks can handle at least 100 MBit/s tor traffic in software. Olaf *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: hardware acceleration available for Tor ? On FreeBSD ?
On Mon, 12 Oct 2009, Scott Bennett wrote: - Is anyone _actually_ performing SSL operations in CUDA using GPUs, and if not, how much of my free time and mindshare over the next year will be spent on that fascinating question ? If they are, they're most likely not doing it under FreeBSD. The last time I checked, there was still no support for either CUDA (nVidia) or> Streams (ATi) under FreeBSD. :-( Yes, it continues to be a disappointment that CUDA is not available on FreeBSD or on Solaris for that matter. It's interesting to note that this is not idle chatter - it appears that CUDA is a reasonable platform for AES in hardware: http://www.manavski.com/downloads/PID505889.pdf and further, Nvidia documentation provides instruction and sample code for doing just that: http://http.developer.nvidia.com/GPUGems3/gpugems3_ch36.html They specifically mention CTR mode: "The decryption for CTR can be done following the same steps. Thus we can encrypt and decrypt each cipher block independently, giving us the benefit of true parallelization." I'll bet ops per watt and ops per dollar are all better on the purpose-built encryption hardware ... it would still be more fun to connect a few quadro plex external units to my Tor node. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/