EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Slowness with SSHBlackBox

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#2091
Posted: 01/27/2007 12:21:54
by Zeljan Rikalo (Standard support level)
Joined: 01/27/2007
Posts: 9

I'm registered user of SSHBlackBox 5.0.105. (Released on 2007-01-27) and I found that communication with postgres server is much slower than via normal SSH tunnel.
Connection work OK, large lists are fast as in normal SSH tunnel (ssh -L 5400:servername.xyz:5432 username@servername.xyz), but small queries and small results are slow as without compression ?!?
Same thing happens on windows also (using putty to make tunnel).
So, what should be the reason that small amount of returned (and probably sended-uploaded) data is slow, but large results from sql server are fast as in SSH tunnel ? Do I need to tune TElSSHLocalPortForwarding class ?
I'm using standard sample from SSHBlackBox source package ../SSHBlackBox/Samples/SSH/Client/SimplePortForwarding/Local

here are some measurements :
My App starts and then send about 10 qrys to server (one by one) and wait result, so after that my app shows an authorization dialog.
Server is Postgresql 8.1, SSH 3.9p1-7.On Win32 results are same ! Result is approx. number of seconds until auth dialog is shown:

Normal Connection: 17 sec
SSHBalckBox: 30 sec <---?!?
SSH or Putty tunnel : 8 sec

Large lists (each item is about 100 bytes, about 2000 items)
Normal connection: 10 sec
SSHBlackBox: cca 2 sec
SSH or Putty tunnel: cca 2 sec

I've tried also to make console app and use SSHBlackBox port forwarding, but results are not changed.


any tips ?
#2092
Posted: 01/27/2007 12:37:41
by Eugene Mayevski (EldoS Corp.)

Quote
Zeljan Rikalo wrote:
normal SSH tunnel.


What "normal" are you talking about?


Sincerely yours
Eugene Mayevski
#2093
Posted: 01/27/2007 13:28:03
by Zeljan Rikalo (Standard support level)
Joined: 01/27/2007
Posts: 9

As I wrote above
ssh -L 5400:servername.xyz:5432 username@servername.xyz
this is "normal" for me :)
excuse for misspelling should be "ordinary"...
#2094
Posted: 01/27/2007 14:12:33
by Eugene Mayevski (EldoS Corp.)

Innokentiy will comment more on this on Monday, meanwhile you might want to try the <SecureBlackbox>/Samples/SSH/Client/LocalPortForwarding sample . It uses sockets in a different way. I wonder if it works faster for you.


Sincerely yours
Eugene Mayevski
#2095
Posted: 01/27/2007 14:53:48
by Ken Ivanov (EldoS Corp.)

First of all we should find out what exactly causes the slowdown. It can be caused by the following:
a) slow handling of incoming TCP connections (each of the 10 queries is forwarded via separate TCP connection, isn't it?),
b) slow encryption algorithms. Please try to use AES and check if it increases the speed.

You might also try to set TElLocalPortForwarding.Priority property to sfpHigh and check if it helps.
#2096
Posted: 01/28/2007 02:10:34
by Zeljan Rikalo (Standard support level)
Joined: 01/27/2007
Posts: 9

a) slow handling of incoming TCP connections (each of the 10 queries is forwarded via separate TCP connection, isn't it?),

NO, just one connection.

b) slow encryption algorithms. Please try to use AES and check if it increases the speed.

How to change it to AES ? I'm using just TElSSHLocalPortForwarding class...
#2097
Posted: 01/28/2007 03:13:36
by Zeljan Rikalo (Standard support level)
Joined: 01/27/2007
Posts: 9

hm... I've tried many combinations (found how to enable only one algorithm), but speed is same. I think that problem is not in encryption, but something with compression - uncompression (small data amount is slow, bigger data amount is fast).
Latest tests I've maded were with just ARCFOUR enabled and results are same (and I've enabled sfpHigh).
Eugene, I've tried your solution, but it's same speed, no difference.

example:
"Select id,itemname,itemqty FROM items WHERE itemid=1;"
needs almost 1 second to get result (SSHBlackBox),
SSH2 tunnel returns result almost imeddiatelly.
Normal connection to SQL server is just a bit slower here than SSHBlackBox.

BUT:
"Select id,itemname,itemqty FROM items ORDER BY itemid LIMIT 5000"
SSHBlackBox, and SSH2 tunnel returns at same time (in a few seconds, no difference between SSHBlackbox and SSH2 tunnel or Putty under winXP).
Normal connection returns in > 40 secs.



#2098
Posted: 01/28/2007 03:32:38
by Eugene Mayevski (EldoS Corp.)

As said, the problem is most likely caused by the way the sockets are used. I think compression doesn't play a significant role here.

You say "Normal connection to SQL server is just a bit slower here than SSHBlackBox.". Does this mean that no tunnelling is slower than use of tunneling? If yes, then sockets are definitely the cause.


Sincerely yours
Eugene Mayevski
#2099
Posted: 01/28/2007 04:02:08
by Eugene Mayevski (EldoS Corp.)

BTW what edition of SecureBlackbox are you using?


Sincerely yours
Eugene Mayevski
#2100
Posted: 01/28/2007 04:14:41
by Zeljan Rikalo (Standard support level)
Joined: 01/27/2007
Posts: 9

"Thank you for licensing SecureBlackbox (SSHBlackbox/VCL Client-only package, single-developer vendor license for 1 developer(s)). The license is issued for Zeljan Rikalo." version 5.0.105. (Released on 2007-01-27), downloaded yesterday from my downloads.
Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 11574 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!