Next: Benchmark Variables
Up: A Study of the Protocols
Previous: Smart ethernet cards
Our test machines are x86 architecture machines running OpenBSD 3.0.
More specifically, they are 1 GHz Intel PIII machines with 256 MB of
registered PC133 SDRAM, 10 GB Western Digital Protege IDE hard drives, Intel
PRO/1000 F network adapters and some 3Com 3c905B 100Mbps network adapters.
We chose Supermicro 370DE6 motherboards based on the ServerWorks
Serverset III HE-SL chipset with dual PCI buses. Thus we were able to place
our gigabit cards and crypto-cards on separate PCI buses.
For some of our experiments we used the Broadcom 5820 crypto-cards.
The manufacturer of these cards advertises 300Mbps 3DES; our own
evaluation showed a peak measured performance of around 260Mbps,
probably due to operating system overhead. We summarize our results in
Figure 1. Notice that even in the best case
(host-to-host, large socket buffers), we only get slightly over half
the nominal throughput. We believe this is a deficiency in the device
driver, but did not investigate in great detail. However, given that
(a) the performance of all the security protocols we measure is
dominated by the cost of encryption, (b) the throughput of those
protocols is markedly lower than the unencrypted protocols (ftp,
http, and unencrypted ttcp[1]), and (c) we present
absolute performance numbers, this should not affect the validity of
our experiments: better-performing ethernet cards/drivers would only
improve the throughput numbers of the unencrypted protocols.
Next: Benchmark Variables
Up: A Study of the Protocols
Previous: Smart ethernet cards
Stefan Miltchev
4/17/2002