Имя пользователя:
Пароль:  
Помощь | Регистрация | Забыли пароль?  

Показать сообщение отдельно

Забанен


Сообщения: 242
Благодарности: 36

Профиль | Цитировать


Цитата crashtuak:
использую openvpn »
openvpn использует openssl для шифрования, последние версии поддерживают aes-ni.
Код: Выделить весь код
:~$ grep "model name" /proc/cpuinfo | head -1
model name	: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
:~$ grep aes /proc/cpuinfo | head -1
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm ida arat xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid
:~$ openssl speed aes-256-cbc
Doing aes-256 cbc for 3s on 16 size blocks: 17942272 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 64 size blocks: 4822327 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 256 size blocks: 1223060 aes-256 cbc's in 2.99s
Doing aes-256 cbc for 3s on 1024 size blocks: 307521 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 8192 size blocks: 38569 aes-256 cbc's in 3.00s
OpenSSL 1.0.1 14 Mar 2012
built on: Wed Oct 15 17:46:51 UTC 2014
options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-256 cbc      95692.12k   102876.31k   104716.84k   104967.17k   105319.08k
:~$ openssl speed -evp aes-256-cbc
Doing aes-256-cbc for 3s on 16 size blocks: 92453096 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 64 size blocks: 24293335 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 256 size blocks: 6160578 aes-256-cbc's in 2.99s
Doing aes-256-cbc for 3s on 1024 size blocks: 1544089 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 8192 size blocks: 193280 aes-256-cbc's in 3.00s
OpenSSL 1.0.1 14 Mar 2012
built on: Wed Oct 15 17:46:51 UTC 2014
options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-256-cbc     493083.18k   518257.81k   527460.86k   527049.05k   527783.25k
5-кратная разница, как видите.
Там есть инфа по тюнингу в тч и для использования aes-ni: https://community.openvpn.net/openvp...Networks_Linux

Отправлено: 13:55, 26-02-2016 | #45