Bug 62346 - Bad SSL Performance with Broadcom 5820
Summary: Bad SSL Performance with Broadcom 5820
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: apache
Version: 7.3
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks: 61590
TreeView+ depends on / blocked
 
Reported: 2002-03-29 23:30 UTC by Michael E Brown
Modified: 2007-04-18 16:41 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2002-04-11 01:14:13 UTC
Embargoed:


Attachments (Terms of Use)
Candidate patch for mod_ssl slowdowns. (818 bytes, patch)
2002-04-09 18:41 UTC, Nalin Dahyabhai
no flags Details | Diff

Description Michael E Brown 2002-03-29 23:30:14 UTC
Description of Problem:
Performance of SSL with the Broadcom SSL card should be in the neighborhood of
700 Req/sec, but performance with Beta3 is half of this. Note from Nasser
Iranikhah <niran>: 

"On the same machine when I build the apache based on
openssl-0.9.6c/mod_ssl_2.8.5-1.3.22/apache_1.3.22 I get over 700 Req/sec using
the same driver."

This is currently being discussed on the (private) bcm5820-impl-list. 

A note from Jimmy Ruane <jruane>:

> 4) Performance is still 1/2 where it should be.
---cut--
> Regarding 4) we believe the problem is with Apache. We are speculating
> a debug version may be running.

Comment 1 Need Real Name 2002-04-01 17:23:37 UTC
I got ~770 R/s when I ran 20 parallel sessions of  "speed rsa1024 -engine ubsec" under openssl-0.9.6c or the one that comes with beta3.   This 
should prove that openssl is okay, the problem may reside in apache.

Comment 2 Bill Nottingham 2002-04-01 20:52:36 UTC
Do you have the i386 or i686 openssl installed?

Comment 3 Need Real Name 2002-04-03 21:31:40 UTC
I am not sure if I undrestand the question!  I downloaded the openssl-0.9.6c 
and compiled it on my Dell PowerEdge 2500 with 2x1000MHz CPU and compared with 
the openssl that was installed from the Beta3 distrobution.

Comment 4 Nalin Dahyabhai 2002-04-03 23:23:50 UTC
Specifically, what is the output of:
rpm -q --queryformat '%{arch}\n' openssl
?

Comment 5 Need Real Name 2002-04-04 02:48:21 UTC
It is i686.

Comment 6 Nalin Dahyabhai 2002-04-05 08:20:44 UTC
To determine if the problem truly is apache, please compare the packaged 1.3.23
with 1.3.23 built from source (not version 1.3.22 listed above).

When you build 1.3.23 from source, do the figures match up with the 1.3.23
package, or with the 1.3.22 source build?

Comment 7 Need Real Name 2002-04-05 17:48:46 UTC
Per Howard' test here are the results:

with SW only (and using apache go with RH beta4):
performance: ~110 request/s

With SW only: (and using apache that I manually build)
apache-1.3.22 : ~270 request/s
apache-1.3.23 : ~174 request/s

I just downloaded the latest RH8.0 beta4 and the performance is still bad.
Here is what I found:
with RH7.2 released, it using apache-1.3.22  ==> performance: 760
request/s
with RH8.0 beta3&4 , it using apache-1.3.23  ==> performance: 400
request/s
If I compile apache-1.3.22  ==> performance: 760 request/s
If I compile apache-1.3.23  ==> performance: 400 request/s

so look like the performance issue is relate to the new Apache version
1.3.23



Comment 8 Nalin Dahyabhai 2002-04-09 18:41:17 UTC
Created attachment 52904 [details]
Candidate patch for mod_ssl slowdowns.

Comment 9 Nalin Dahyabhai 2002-04-09 18:41:54 UTC
Please try the patch for mod_ssl I've just attached and see if that helps.

Comment 10 Need Real Name 2002-04-11 01:14:08 UTC
As per Howard testing:

I applied the patch into mod_ssl-2.8.7-1.3.23 and compiled using
apache_1.3.23.  here is what I got:
with 5820, performance ~746 request/second.
with SW only, performance ~271 request/second.

This is the normal performance we were expecting.  I hope this change gets 
through the RC1.

Thank you for all your help.


Comment 11 Nalin Dahyabhai 2002-04-11 14:00:28 UTC
The fix is merged into mod_ssl-2.8.7-4.  Closing.


Note You need to log in before you can comment on or make changes to this bug.