List:MySQL ODBC« Previous MessageNext Message »
From:Ed Carp Date:November 6 2002 10:37pm
Subject:RE: MyODBC performance and VPN
View as plain text  
> The same performance issues come into play with a Hardware VPN router in
> place. So this makes me think that the performance degregation is due to
> the encryption for some reason.

For some reason?  Sorry your company put technology in place and didn't
explain the impact to you, or how the technology works.

There are three separate issues to consider - that of encryption, that of
compression, and that of routing.  To enhance performance and security,
security vendors usually compress the data stream before encryption, so
there is a potential impact there.  Also, the choice of encryption algorithm
can have a large impact on throughput - for example, Blowfish and Rejindahl
are faster than 3DES, and IDEA is somewhere in the middle.  Also, depending
on how the routing is set up, the first route may be failing, timing out,
then going out an alternate route, if the routing is set up incorrectly.  A
major hint here is how the data flows - if it sends out a connection packet,
waits a while, then sends out more connection packets, there's probably
something wrong with your routing.  It also may be that if you're using
Diffie-Hellman key exchange, and the key sizes are set very large, your
routers may be taking up to 45 seconds to generate keys.  If your router is
set to regenerate keys quickly, this can have a major impact on your
throughput.

We use SSH to route data via MyODBC, instead of expensive, complicated
hardware VPN solutions and are quite satisfied with the performance, by the
way.

Thread
MyODBC performance and VPNDaniel Bernard7 Nov
  • RE: MyODBC performance and VPNEd Carp7 Nov