[stunnel-users] 23 secs to list 5000 files using stunnel and samba

This is a discussion on [stunnel-users] 23 secs to list 5000 files using stunnel and samba within the Stunnel Users forums, part of the Networking and Network Related category; --===============0634443198== Content-Type: multipart/alternative; boundary="----=_Part_558_6043436.1207105929973" ------=_Part_558_6043436.1207105929973 Content-Type: text/plain; charset=ISO-8859-1 ...


Go Back   Usenet Forums > Networking and Network Related > Stunnel Users

Reload this Page [stunnel-users] 23 secs to list 5000 files using stunnel and samba

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 04-02-2008
Paul Kerin
 
Posts: n/a
Default [stunnel-users] 23 secs to list 5000 files using stunnel and samba
--===============0634443198==
Content-Type: multipart/alternative;
boundary="----=_Part_558_6043436.1207105929973"

------=_Part_558_6043436.1207105929973
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi

I'm using the following s/w versions on RHEL3:

Stunnel: 4.04 (also experimenting with 4.22, no difference so far)
Samba: 3.0.9-1.3E.10
Kernel: 2.4.21-32.0.1.EL

Stunnel is used to encrypt samba connections from linux clients because
redhat 3 doesn't support NTLMv2 (cifs not standard and probably not an
option). To list 5000 files (simply typing ls within a mounted directory on
the client) it consistently takes around 20-23 seconds to return the data.
Listing is almost instantaneous when using a windows client, or using a
linux client without stunnel. As a side note, if I pipe the result to
/dev/null it takes around 9 seconds (?). The network forwarding path from
the samba client to samba server is: smbclient > localhost:924 > stunnel >
remotehost:923 > stunnel > samba server (port 446)

Tcpdump shows that when using stunnel about 10500 packets are
generated, minus stunnel it's more like 500. I'd expect some overhead
related to SSL, but 21 times the traffic seems a little excessive. I've
experimented with socket options such as TCP_NODELAY, SO_LINGER,
SO_RCVLOWAT, SO_OOBINLINE, etc with no improvement at all. However, my
understanding of these is pretty superficial so I'm not confident I've
exhausted all options here (ie perhaps combining multiple settings at once).

I've got stunnel debug set to 7 on client and server. No errors and no
logging at all except for the initial handshake when the mount is created.
Including the tcpdump would probably be excessive at this stage. In
summary, using stunnel the data gets transmitted in packets usually
containing around 200 bytes, whereas without stunnel it's mostly 1408 byte
packets.

Any suggestions?

Thanks

Paul

------=_Part_558_6043436.1207105929973
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

<div>Hi</div>
<div>&nbsp;</div>
<div>I'm using the following s/w versions on RHEL3:</div>
<div>&nbsp;</div>
<div>Stunnel: 4.04&nbsp;&nbsp; (also experimenting with 4.22, no difference so far)</div>
<div>Samba: 3.0.9-1.3E.10</div>
<div>Kernel: 2.4.21-32.0.1.EL</div>
<div>&nbsp;</div>
<div>Stunnel is used to encrypt samba connections from linux clients because redhat 3 doesn't support NTLMv2 (cifs not standard and probably not an option).&nbsp; To list 5000 files (simply typing ls within a mounted directory on the client) it consistently takes around 20-23 seconds to return the data.&nbsp; Listing is almost instantaneous when using a windows client, or using a linux client without stunnel.&nbsp; As a side note, if I pipe the result to /dev/null it takes around 9 seconds (?).&nbsp; The&nbsp;network forwarding&nbsp;path from the samba client to samba server is: smbclient &gt; localhost:924 &gt; stunnel &gt; remotehost:923 &gt; stunnel &gt; samba server (port 446)</div>

<div>&nbsp;</div>
<div>Tcpdump shows that&nbsp;when using stunnel about 10500 packets are generated,&nbsp;minus stunnel it's more like 500.&nbsp; I'd expect some overhead related to SSL, but&nbsp;21 times the&nbsp;traffic seems a little excessive.&nbsp; I've experimented with socket options such as TCP_NODELAY, SO_LINGER, SO_RCVLOWAT, SO_OOBINLINE,&nbsp;etc with no improvement at all.&nbsp; However, my understanding of these is pretty superficial so I'm not confident I've exhausted all options here (ie perhaps combining multiple settings at once).</div>

<div>&nbsp;</div>
<div>I've got stunnel debug set to 7 on client and server.&nbsp; No errors and no logging at all except for the initial handshake when the mount is created.&nbsp; Including the tcpdump would probably be excessive at this stage.&nbsp; In summary, using stunnel the data gets transmitted in packets usually containing&nbsp;around 200 bytes, whereas without stunnel it's mostly 1408 byte packets.</div>

<div>&nbsp;</div>
<div>Any suggestions?</div>
<div>&nbsp;</div>
<div>Thanks</div>
<div>&nbsp;</div>
<div>Paul</div>

------=_Part_558_6043436.1207105929973--

--===============0634443198==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
stunnel-users mailing list
stunnel-users@mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users

--===============0634443198==--
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 08:06 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0