Problems with SSH and Subversion over SSH/HTTPS

Micah R Ledbetter vlack at vlack.com
Tue Apr 14 23:02:25 UTC 2009 

Hello, all.

I'm having a couple of problems that I can't get to the bottom of. I'm  
using a FreeBSD 7.1-RELEASE-p2 server running on AMD64, serving ssh  
and https, with various Mac OS X and Windows clients. I have recently  
come to wonder if these problems (described below) are related to SSL  
somehow, or perhaps /dev/random. If there's any tuning I could do  
along those lines, or if anyone has any other tips at all that could  
improve this situation, I'd very much love to hear them.


1) Paging through a lot of text over SSH is very slow.

If I compile a large program, or cat a large text file, or even use  
less to page through 8-10 pages of text, ssh becomes very slow.  
Sometimes I can wait it out, and let it catch up after a half minute  
or so, but sometimes I just have to kill ssh and reconnect.

This is notable to me because when I was running other operating  
systems on the same box (Solaris 10 and Linux, at various points in  
the past), which I could of course make my connection fail if I ran  
pathological tests, the difference was like night and day. Now, if I  
cat a file which turns out to be bigger than I expect, typing ^C  
several times - even if I do so just a couple of seconds after I start  
the cat - tends to cancel the cat only rarely... the buffer is so far  
behind that it can't process my input until it catches up, which it  
can't do and I have to end up killing the connection. This is much  
different than my experience with other operating systems.

This happens when I'm using OpenSSH 5.1p1 on my Mac, and when I'm  
using any of several recent versions of PuTTY on the various Windows  
machines.

Oddly, I can get decent speed when copying large files over sftp or  
scp - I haven't done any benchmarks, but it's in line with normal  
network speed for a 100mbps network.


2) SVN over both svn+ssh:// and https:// is also very slow

The repository in question is only three revisions old, and the whole  
repo is less than 200K. All of the files are plain text.

If I check this repo out, via either svn+ssh, or https, using the  
command line client installed on my Mac (which happens to be...  
Subversion 1.5.1), it takes two or three minutes over a perfectly fast  
Internet connection. If I use TortoiseSVN on a Windows machine, it  
takes so long that TSVN times out and says it can't complete the  
transaction. (Using a command-line SVN client on Windows seems to  
produce similar results to the command line client on my Mac).

If I type in the https:// URL for the subversion repository in a web  
browser, and click on individual text files, it displays them much  
more slowly (taking several seconds for a file only a few KB large)  
than I would expect as well.

I have tried this with Subversion version 1.5.1 and 1.6.0, compiled  
from ports, on the FreeBSD server, with no change.


When this is happening, load remains at near 0.00 on the FreeBSD  
server. The network connection is plenty fast, as previously  
mentioned, and the behavior is the same whether I'm connecting over  
the Internet (the FreeBSD box has a 16mbps/2mbps link) or the 100mbps  
local LAN.

For the record: I *have* compiled my own kernel, but its configuration  
differs only from the GENERIC kernel in my appending of the following  
options:

> options     IPFIREWALL
> options     IPDIVERT
> options     GEOM_MIRROR

If necessary, I can test with the GENERIC kernel again.

I have not changed the kern.random parameters, but here they are for  
the sake of completeness. They are in line with the defaults, at least  
as far as i can tell from random(4).

> # sysctl kern.random
> kern.random.yarrow.gengateinterval: 10
> kern.random.yarrow.bins: 10
> kern.random.yarrow.fastthresh: 192
> kern.random.yarrow.slowthresh: 256
> kern.random.yarrow.slowoverthresh: 2
> kern.random.sys.seeded: 1
> kern.random.sys.harvest.ethernet: 1
> kern.random.sys.harvest.point_to_point: 1
> kern.random.sys.harvest.interrupt: 1
> kern.random.sys.harvest.swi: 0


I very much thank anyone for any help they can provide.

  - Micah

More information about the freebsd-questions mailing list