Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HTTPS on Hyper-V an order of magnitude faster than HTTP?

    Scheduled Pinned Locked Moved Virtualization
    3 Posts 2 Posters 866 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lburton
      last edited by

      I feel this may be the incorrect thread for this as I don't really have strong evidence this is related to Hyper-V but.. I'm seeing oddly differential performance on http vs https (https is faster by an order of magnitude to the same host?)  I'm clearly missing something obvious but apparently I'm too blind to see it :)

      
      root@downquark ~/windowsize # ./test;tar cJf windowsize.tar.xz *;
      Running https - https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 65535 bytes
      --2014-11-15 00:05:20--  https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      Connecting to 198.145.20.143:443... connected.
          WARNING: certificate common name ‘mirrors.kernel.org’ doesn't match requested host name ‘198.145.20.143’.
      HTTP request sent, awaiting response... 200 OK
      Length: 605028352 (577M) [application/octet-stream]
      Saving to: ‘/dev/null’
      
       8% [========>                                                                                                            ] 51,623,448  10.4MB/s  eta 51s    53418 packets captured
      53418 packets received by filter
      0 packets dropped by kernel
      Running http - http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 65535 bytes
      --2014-11-15 00:05:28--  http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      Connecting to 198.145.20.143:80... connected.
      HTTP request sent, awaiting response... 200 OK
      Length: 605028352 (577M) [application/octet-stream]
      Saving to: ‘/dev/null’
      
       1% [>                                                                                                                    ] 7,863,336   1.52MB/s  eta 5m 53s 9095 packets captured
      9095 packets received by filter
      0 packets dropped by kernel
      https.txt:     max win adv:          473856 bytes     max win adv:           17792 bytes
      https.txt:     min win adv:           29312 bytes     min win adv:           15616 bytes
      https.txt:     zero win adv:              0 times     zero win adv:              0 times
      https.txt:     avg win adv:          463863 bytes     avg win adv:           17791 bytes
      https.txt:     throughput:              117 Bps       throughput:         10584379 Bps
      http.txt:     max win adv:         1085056 bytes     max win adv:           15616 bytes
      http.txt:     min win adv:           29312 bytes     min win adv:           15616 bytes
      http.txt:     zero win adv:              0 times     zero win adv:              0 times
      http.txt:     avg win adv:          484018 bytes     avg win adv:           15616 bytes
      http.txt:     throughput:               31 Bps       throughput:          1616185 Bps
      
      

      test looks like:

      
      #!/bin/zsh
      typeset -A urls
      urls=("https" "https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso" "http" "http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso")
      host="198.145.20.143"
      for n in "${(@k)urls}"; do
          echo "Running $n - $urls[$n]";
          tcpdump -i br0 -B 8192 host "$host" -w "$n.pcap" &
          sleep 2
          wget --no-check-certificate "$urls[$n]" -O /dev/null &
          sleep 5
          kill %3;sleep 1;kill %2
          tcptrace -l -r -W "$n.pcap" > "$n.txt"
      done
      egrep "(win adv|throughput)" *.txt
      
      

      The pcaps/etc are @ https://mrow.org/files/windowsize.tar.xz

      tcptrace output is @ https://mrow.org/files/http.txt and https://mrow.org/files/https.txt

      Edit:
      Also just tried on the router itself – same issue:

      
      [2.2-BETA][root@lburton-router2.sea.mrow.org]/root/tester: cat ./test ; ./test ; tar cJf windowsize-router.tar.xz *
      #!/usr/local/bin/zsh
      typeset -A urls
      urls=("https-router" "https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso" "http-router" "http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso")
      host="198.145.20.143"
      for n in "${(@k)urls}"; do
          echo "Running $n - $urls[$n]";
          tcpdump -i hn1 -B 8192 -w "$n.pcap" host "$host" &
          sleep 2
          wget --no-check-certificate "$urls[$n]" -O /dev/null &
          sleep 5
          kill %3;sleep 1;kill %2
          tcptrace -l -r -W "$n.pcap" > "$n.txt"
      done
      egrep "(win adv|throughput)" *.txt
      Running http-router - http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      tcpdump: listening on hn1, link-type EN10MB (Ethernet), capture size 65535 bytes
      converted 'http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso' (US-ASCII) -> 'http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso' (UTF-8)
      --2014-11-15 01:40:38--  http://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      Connecting to 198.145.20.143:80... connected.
      HTTP request sent, awaiting response... 200 OK
      Length: 605028352 (577M) [application/octet-stream]
      Saving to: '/dev/null'
      
      /dev/null                                 2%[>                                                                              ]  12.19M  2.43MB/s   eta 3m 53s17872 packets captured
      19263 packets received by filter
      0 packets dropped by kernel
      Running https-router - https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      tcpdump: listening on hn1, link-type EN10MB (Ethernet), capture size 65535 bytes
      converted 'https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso' (US-ASCII) -> 'https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso' (UTF-8)
      --2014-11-15 01:40:46--  https://198.145.20.143/archlinux/iso/latest/archlinux-2014.11.01-dual.iso
      Connecting to 198.145.20.143:443... connected.
      WARNING: cannot verify 198.145.20.143's certificate, issued by '/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 2 Primary Intermediate Server CA':
        Unable to locally verify the issuer's authority.
          WARNING: certificate common name 'mirrors.kernel.org' doesn't match requested host name '198.145.20.143'.
      HTTP request sent, awaiting response... 200 OK
      Length: 605028352 (577M) [application/octet-stream]
      Saving to: '/dev/null'
      
      /dev/null                                21%[===============>                                                               ] 123.68M  25.0MB/s   eta 18s   26271 packets captured
      187467 packets received by filter
      158959 packets dropped by kernel
      http-router.txt:     max win adv:          394240 bytes     max win adv:           15616 bytes
      http-router.txt:     min win adv:            6144 bytes     min win adv:           15616 bytes
      http-router.txt:     zero win adv:              0 times     zero win adv:              0 times
      http-router.txt:     avg win adv:          342327 bytes     avg win adv:           15616 bytes
      http-router.txt:     throughput:               30 Bps       throughput:          2357229 Bps
      https-router.txt:     max win adv:             122 bytes     max win adv:               0 bytes
      https-router.txt:     min win adv:             122 bytes     min win adv:               0 bytes
      https-router.txt:     zero win adv:              0 times     zero win adv:              0 times
      https-router.txt:     avg win adv:             122 bytes     avg win adv:               0 bytes
      https-router.txt:     throughput:               NA           throughput:               NA
      https-router.txt:     max win adv:          476160 bytes     max win adv:           17792 bytes
      https-router.txt:     min win adv:           43520 bytes     min win adv:           15616 bytes
      https-router.txt:     zero win adv:              0 times     zero win adv:              0 times
      https-router.txt:     avg win adv:          407804 bytes     avg win adv:           17791 bytes
      https-router.txt:     throughput:              123 Bps       throughput:          3996093 Bps
      
      

      The pcaps/etc are @ https://mrow.org/files/windowsize-router.tar.xz

      tcptrace output is @ https://mrow.org/files/http-router.txt and https://mrow.org/files/https-router.txt

      1 Reply Last reply Reply Quote 0
      • L
        lburton
        last edited by

        This was actually due to a Netgear GS108Ev3 which has a firmware bug or similar causing bad QoS behavior – took me a pair of Ethernet couplers and some time to track down.  I am not the only one http://forum1.netgear.com/showthread.php?t=93251

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          Thanks for the follow up.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.