Red Hat Bugzilla – Bug 62346
Bad SSL Performance with Broadcom 5820
Last modified: 2007-04-18 12:41:28 EDT
Description of Problem: Performance of SSL with the Broadcom SSL card should be in the neighborhood of 700 Req/sec, but performance with Beta3 is half of this. Note from Nasser Iranikhah <niran@broadcom.com>: "On the same machine when I build the apache based on openssl-0.9.6c/mod_ssl_2.8.5-1.3.22/apache_1.3.22 I get over 700 Req/sec using the same driver." This is currently being discussed on the (private) bcm5820-impl-list@redhat.com. A note from Jimmy Ruane <jruane@broadcom.com>: > 4) Performance is still 1/2 where it should be. ---cut-- > Regarding 4) we believe the problem is with Apache. We are speculating > a debug version may be running.
I got ~770 R/s when I ran 20 parallel sessions of "speed rsa1024 -engine ubsec" under openssl-0.9.6c or the one that comes with beta3. This should prove that openssl is okay, the problem may reside in apache.
Do you have the i386 or i686 openssl installed?
I am not sure if I undrestand the question! I downloaded the openssl-0.9.6c and compiled it on my Dell PowerEdge 2500 with 2x1000MHz CPU and compared with the openssl that was installed from the Beta3 distrobution.
Specifically, what is the output of: rpm -q --queryformat '%{arch}\n' openssl ?
It is i686.
To determine if the problem truly is apache, please compare the packaged 1.3.23 with 1.3.23 built from source (not version 1.3.22 listed above). When you build 1.3.23 from source, do the figures match up with the 1.3.23 package, or with the 1.3.22 source build?
Per Howard' test here are the results: with SW only (and using apache go with RH beta4): performance: ~110 request/s With SW only: (and using apache that I manually build) apache-1.3.22 : ~270 request/s apache-1.3.23 : ~174 request/s I just downloaded the latest RH8.0 beta4 and the performance is still bad. Here is what I found: with RH7.2 released, it using apache-1.3.22 ==> performance: 760 request/s with RH8.0 beta3&4 , it using apache-1.3.23 ==> performance: 400 request/s If I compile apache-1.3.22 ==> performance: 760 request/s If I compile apache-1.3.23 ==> performance: 400 request/s so look like the performance issue is relate to the new Apache version 1.3.23
Created attachment 52904 [details] Candidate patch for mod_ssl slowdowns.
Please try the patch for mod_ssl I've just attached and see if that helps.
As per Howard testing: I applied the patch into mod_ssl-2.8.7-1.3.23 and compiled using apache_1.3.23. here is what I got: with 5820, performance ~746 request/second. with SW only, performance ~271 request/second. This is the normal performance we were expecting. I hope this change gets through the RC1. Thank you for all your help.
The fix is merged into mod_ssl-2.8.7-4. Closing.