SG-2440 high cpu/sluggish while urandom

rofl

System:
2.4.4-RELEASE-p3 (amd64)
Netgate SG-2440

Im doing some /dev/urandom creating files for testing speed. While creating these files the system becomes really sluggish and even stops system from time to time:

$ dd if=/dev/random of=/tmp/speedtest bs=1024 count=100000

top -aSH:

   19 root       -16    -     0K    16K CPU0    0 218:52 100.00% [rand_harvestq]
   11 root       155 ki31     0K    32K RUN     0 647:33  78.04% [idle{idle: cpu0}]
   11 root       155 ki31     0K    32K RUN     1 515:38  20.94% [idle{idle: cpu1}]

I have tracked some issues in FreeBSD regarding this:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230808
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219216
https://svnweb.freebsd.org/base?view=revision&revision=345981

Are there any known fixes/workarounds for this?

kiokoman

random != urandom

random device will only return random bytes within the estimated number of bits of noise in the entropy pool. when the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered

urandom device will not block waiting for more entropy.

When you need random data fast, you should use /dev/urandom
For cryptographic purposes you should use /dev/random

kiokoman@nanto:~$ dd if=/dev/random of=/tmp/speedtest bs=1024 count=100000
dd: warning: partial read (115 bytes); suggest iflag=fullblock
0+100000 record in
0+100000 record out
8194031 bytes (8,2 MB, 7,8 MiB) copied, 8,15628 s, 1,0 MB/s

kiokoman@nanto:~$ dd if=/dev/urandom of=/tmp/speedtest bs=1024 count=100000
100000+0 record in
100000+0 record out
102400000 bytes (102 MB, 98 MiB) copied, 1,88982 s, 54,2 MB/s