Our first measurements determine the authorization overheads for netAuth,
by using a light weight authentication with minimal overhead.
The authorization mechanism limits which users can use the service,
it is implemented outside of application.
Table 2:
Elapse times for the micro-benchmarks and the Unix-style
concurrent server (see Section 3). No
authentication is performed in any of these cases.
The time specified are all in micro seconds.
|
| |
UNIX |
NetAuth |
Overhead |
| |
(microseconds) |
(microseconds) |
|
| bind |
6.00 |
6.75 |
12.5% |
| connect |
28.00 |
32.00 |
14.28% |
| connect-send-recv (Unix style) |
145.00 |
157.00 |
8.27% |
|
The measurements are given in Table 2,
are of netAuth vs. unmodified Linux:
- the time to perform a bind by a server
increased by 12.5% due to the overhead of doing the authorization checks.
- the time to complete a connect (as measured) on the client-side
increased by 14.28%,
due to client-side and server-side authorization checks.
The elapsed time includes a round trip packet time.
- the time to do a connect-send-recv (as measured) on the client
is considered next.
(The server must do a accept- fork-setuid-recv-send).
The send and recv are 128 bytes of data.
For the UNIX case, the total time was about 145 microseconds while
for the NetAuth case the time was about 157 microseconds,
an overhead of 8.27%.
The most costly operation is the fork performed at the server
to create a new per-user process.
We note that these overheads are best case [26],
normally latency issues are higher.
Moreover, no performance tuning has yet been done
on the netAuth implementation.
Manigandan Radhakrishnan
2008-05-13
