From owner-freebsd-current@FreeBSD.ORG  Fri Sep 10 03:02:06 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9640516A4CE; Fri, 10 Sep 2004 03:02:06 +0000 (GMT)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 872BC43D3F; Fri, 10 Sep 2004 03:02:02 +0000 (GMT)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (localhost [127.0.0.1])
	by fledge.watson.org (8.13.1/8.13.1) with ESMTP id i8A2xeph032545;
	Thu, 9 Sep 2004 22:59:40 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Received: from localhost (robert@localhost)i8A2xdG2032542;
	Thu, 9 Sep 2004 22:59:40 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Thu, 9 Sep 2004 22:59:39 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
X-Sender: robert@fledge.watson.org
To: jason <jason@ec.rr.com>
In-Reply-To: <4141034C.1080700@ec.rr.com>
Message-ID: <Pine.NEB.3.96L.1040909225821.28893A-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: Daniel Eriksson <daniel_k_eriksson@telia.com>
cc: current@freebsd.org
Subject: Re: FreeBSD 5.3 Bridge performance take II
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Sep 2004 03:02:06 -0000


On Thu, 9 Sep 2004, jason wrote:

> >>If you're not already disabling harvesting of entropy on interrupts and
> >>in network processing, you really want to for performance purposes.
> >>    
> >
> >How do I disable this without causing entropy starvation for "typical" use
> >cases (ssl? ssh?)? I googled a bit and found nothing at all about how to
> >disable excessive harvesting.
> >
> ># sysctl -a | grep harvest
> >kern.random.sys.harvest.ethernet: 1
> >kern.random.sys.harvest.point_to_point: 1
> >kern.random.sys.harvest.interrupt: 1
> >kern.random.sys.harvest.swi: 0
> >
> >These are the knobs I know about. Is it enough to turn
> >kern.random.sys.harvest.ethernet and kern.random.sys.harvest.interrupt to 0,
> >or are there other things I need to do too?

I'd set kern.random.sys.harvest.ethernet to 0 because the incremental
benefits beyond harvesting the interrupt are pretty low.

> That is what I did.  I have not bench marked, but I did allot of
> searching on the web and reading man pages.  I just can't make the
> changes permanent.  When I put them in loader.conf they seem to be
> ignored.  Any suggestions to make it stick? 

I've CC'd markm because he's probably interested -- right now, you have to
set it in /etc/sysctl.conf because a tunable is not defined.  I think it
would be a good idea to make them tunable, however, as well.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Principal Research Scientist, McAfee Research