rsync & SSL 'for real'
Lawrence D. Dunn
ldunn at cisco.com
Wed Apr 18 05:57:08 GMT 2007
Colleagues,
If you do pursue SSL functionality directly in rsync,
please be sure to take a look at Chris Rapier's work
to "fix" standard ssh implementations, at:
http://www.psc.edu/networking/projects/hpn-ssh/
Turns out "-e ssh" using most libraries puts a fixed-window-size
ssh-windowing
behavior on top of TCP - so for large bandwidth*delay product paths,
even if you use large TCP buffers (which Wayne added for such paths),
an "un-fixed" SSL library can clobber overall performance/throughput,
even for a perfectly clean (no errors/loss) path.
Larry
--
At 3:23 PM -0700 4/17/07, Wayne Davison wrote:
>On Tue, Apr 17, 2007 at 12:52:57PM +0200, Andreas Kotes wrote:
>> I'd be willing to put up the effort to add full (or at least better)
>> SSL support direclty to rsync if the maintainers would agree with it,
>> and would seriously consider including it in the main source in the
>> long run.
>
>I'd be interested in getting SSL support into the main rsync codebase
>(in such a way that it could be conditionally omitted, if needed). I
>haven't had time to really check into it myself (I need to figure out
>why the SSL patch didn't work for me, but never had the impetus to delve
>into it).
>
>Your list of SSL goals seem quite reasonable to me.
>
>..wayne..
>--
>To unsubscribe or change options:
>https://lists.samba.org/mailman/listinfo/rsync
>Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
More information about the rsync
mailing list