Re: TCP network cost

From: Linos
Subject: Re: TCP network cost
Date: ,
Msg-id: 49AAD965.8020404@linos.es
(view: Whole thread, Raw)
In response to: Re: TCP network cost  (Magnus Hagander)
List: pgsql-performance

Tree view

TCP network cost  ("Ross J. Reedstrom", )
 Re: TCP network cost  (Rusty Conover, )
  Re: TCP network cost  (, )
  Re: TCP network cost  ("Ross J. Reedstrom", )
   Re: TCP network cost  (Rusty Conover, )
    Re: TCP network cost  ("Ross J. Reedstrom", )
     Re: TCP network cost  ("Ross J. Reedstrom", )
      Re: TCP network cost  (Aaron Turner, )
     Re: TCP network cost  (PFC, )
      Re: TCP network cost  ("Ross J. Reedstrom", )
   Re: TCP network cost  (Gregory Stark, )
    Re: TCP network cost  ("Ross J. Reedstrom", )
     Re: TCP network cost  (Tom Lane, )
      Re: TCP network cost  ("Ross J. Reedstrom", )
       Re: TCP network cost  (Linos, )
        Re: TCP network cost  (Tom Lane, )
         Re: TCP network cost  (Linos, )
          Re: TCP network cost  (Tom Lane, )
           Re: TCP network cost  (Linos, )
            Re: TCP network cost  (Tom Lane, )
             Re: TCP network cost  (Magnus Hagander, )
              Re: TCP network cost  (Linos, )
 Re: TCP network cost  (Aaron Turner, )

Magnus Hagander escribió:
> Tom Lane wrote:
>> Linos <> writes:
>>> Tom Lane escribió:
>>>> That's just weird --- ssl off should be ssl off no matter which knob you
>>>> use to turn it off.  Are you sure it's really off in the slow connections?
>>> Maybe i am missing something, i use the same command to connect to it
>>> from localhost "psql -d database -h localhost" and in the pcap files i
>>> have captured the protocol it is clear (with "ssl = false" or "ssl =
>>> true" either), but in the debian machine with "ssl = true" in
>>> postgresql.conf you can see in the pcap file big time jumps between
>>> data packets, psql commandline enables automatically ssl if the server
>>> supports it?
>> Yeah, the default behavior is to do SSL if supported; see PGSSLMODE.
>> Non-TCP connections never do SSL, though.  One possibility to check
>> is that one of the two distros has altered the default value of
>> PGSSLMODE.
>
> IIRC, debian ships with a default certificate for the postgres
> installation, so it can actually *use* SSL by default. I don't know if
> other distros do that - I think most require you to actually create a
> certificate yourself.
>
> //Magnus

Yeah i have tested with PGSSLMODE environment and it makes the difference when
it is activated, debian ships with a cert that makes it enabled by default but
Arch Linux no, i get with wireshark in the data packets from postgresql
"unreassembled packet" so i thought that was the same but obviously one it is
using ssl and the other not, and before now i have not noticed but psql gives me
the hint that it is connect by ssl with the line "conexión SSL (cifrado:
DHE-RSA-AES256-SHA, bits: 256)" after connect, i did not know that ssl activated
would have this speed penalty, goes from 110 ms to 4200ms, Thanks Tom and Magnus
for the help.

Regards,
Miguel Angel.


pgsql-performance by date:

From: "Cox, Brian"
Date:
Subject: Re: "slow" queries
From: Tom Lane
Date:
Subject: Re: "slow" queries