From owner-freebsd-questions@FreeBSD.ORG Thu Jan 15 02:07:03 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B488E106564A for ; Thu, 15 Jan 2009 02:07:03 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ew0-f21.google.com (mail-ew0-f21.google.com [209.85.219.21]) by mx1.freebsd.org (Postfix) with ESMTP id 1D7858FC17 for ; Thu, 15 Jan 2009 02:07:02 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by ewy14 with SMTP id 14so1304700ewy.19 for ; Wed, 14 Jan 2009 18:07:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:cc:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=WqSykwFw9QsqF7yqu1jzo/u/fwO09Phem/9F6GNRh5I=; b=UtEv+T7JVPjDaen5KFJxLr769ImpfRL4cyCYbxGYVokPsKsqVecTJVK/FmA83R+MYI BD10dtzZOK/aafmRDZIV6sGqEof2dH9RdYaOAiOn18KVgB5T4fbgVt/LwTdd+xerm9Oq Ys4ZA6+houlcEmvhgjtVvFXmPvLVjnRwTuXDI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:cc:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=J+IBP9pwoQCidT88tF9X6NFvhX+I2AS3oi7NWRNIpWq5DM6xAuRvcKAb+RBd2STqAA s0NxJOlIIJJqc2LnBY91Z50MIhQKUW//daI9cDESHqa8nSXmjFk99rhgTygrFLs5AX9b n9oliXM/8Vsk8NAl9wMobS+2FwwV1ECYts8ro= Received: by 10.210.39.8 with SMTP id m8mr973316ebm.94.1231985222253; Wed, 14 Jan 2009 18:07:02 -0800 (PST) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id b36sm696664ika.19.2009.01.14.18.07.00 (version=SSLv3 cipher=RC4-MD5); Wed, 14 Jan 2009 18:07:01 -0800 (PST) Date: Thu, 15 Jan 2009 02:06:58 +0000 From: RW Cc: freebsd-questions@freebsd.org Message-ID: <20090115020658.3b93a3d3@gumby.homeunix.com> In-Reply-To: <20090114232054.GB6422@slackbox.xs4all.nl> References: <20090114175954.GC97086@slackbox.xs4all.nl> <20090114225538.66e001de@gumby.homeunix.com> <20090114232054.GB6422@slackbox.xs4all.nl> X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-portbld-freebsd7.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: freebsd encrypted hard disk? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jan 2009 02:07:03 -0000 On Thu, 15 Jan 2009 00:20:54 +0100 Roland Smith wrote: > On Wed, Jan 14, 2009 at 10:55:38PM +0000, RW wrote: > > Not just in reduced transfer rates, but also in terms of CPU cycles > > used - a sustained geli to geli file copy makes things really slow > > for me. > > That's probably because two geli kernel threads are competing for time > on a single core. I've had problems with that as well (geli-encrypted > USB drive stalling). > > Since I've switched to a multi-core machine (where the number of cores > should be at least equal to the number of geli-encrypted devices), CPU > load for gele has dropped to barely noticable. > I find that puzzling; have you measured that on sustained geli to geli transfers (with GB size files). The reason I'm a bit sceptical is that dd'ing /dev/random to /dev/null runs at about 20MBytes/s on my single core (verses 700MBytes/s for /dev/zero). File copies into geli run at about 15Mbytes/s, openssl enc -aes-256-cbs runs at about the same ballpark figure. Even if I had multi-cores I would still be cpu-limited to 20MB/s, and that would fully occupy two cores on geli to geli transfers. Your cores are probably faster, but I'd expect a factor of two or so would be swallowed-up by faster transfers. I don't see how cpu usage would be negligible unless your individual cores are an order of magnitude faster than that. Just out of curiosity what rate do you get on dd if=/dev/random of=/dev/null bs=64k count=10000 > Looking at the machines on sale at local computer stores only the > absolute rock-bottom spec-ed machines are single core these days. My guess is that you really need quad cores for best performance, so you avoid having all cores in geli.