Best utilizing fat long pipes and large file transfer

Kevin Oberman oberman at es.net
Thu Jun 12 21:34:46 CDT 2008


> From: "Robert E. Seastrom" <rs at seastrom.com>
> Date: Thu, 12 Jun 2008 21:15:49 -0400
> 
> 
> Randy Bush <randy at psg.com> writes:
> 
> > and for those of us who are addicted to simple rsync, or whatever over
> > ssh, you should be aware of the really bad openssh windowing issue.
> 
> As a user of hpn-ssh for years, I have to wonder if there is any
> reason (aside from the sheer cussedness for which Theo is infamous)
> that the window improvements at least from hpn-ssh haven't been
> backported into mainline openssh?  I suppose there might be
> portability concerns with the multithreaded ciphers, and there's
> certainly a good argument for not supporting NONE as a cipher type out
> of the box without a recompile, but there's not much excuse for the
> fixed size tiny buffers - I mean, it's 2008 already...

Theo is known for his amazing stubbornness, but for area involving
security and cryptography, I find it hard to say that his conservatism
is excessive. Crypto is hard and often it is very non-intuitive. I
remember the long discussions on entropy harvesting and seeding in
FreeBSD which fortunately has cryptography professionals who could pick
every nit and make sure FreeBSD did not end up with Debian-type egg all
over its virtual face.

Than again, the tiny buffers are silly and I can't imagine any possible
security issue there. 
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net			Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 224 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20080612/b41baf0d/attachment.bin>


More information about the NANOG mailing list