Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: connection speed decreases significantly when enable TLS #22761

Closed
WANG-lp opened this issue Nov 16, 2017 · 2 comments
Closed

crypto/tls: connection speed decreases significantly when enable TLS #22761

WANG-lp opened this issue Nov 16, 2017 · 2 comments

Comments

@WANG-lp
Copy link

@WANG-lp WANG-lp commented Nov 16, 2017

What version of Go are you using (go version)?

go version go1.9.2 darwin/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="/Users/will/go"
GORACE=""
GOROOT="/usr/local/Cellar/go/1.9.2/libexec"
GOTOOLDIR="/usr/local/Cellar/go/1.9.2/libexec/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/26/bqp0svv9187cxr93vbhdh86m0000gn/T/go-build149896180=/tmp/go-build -gno-record-gcc-switches -fno-common"
CXX="clang++"
CGO_ENABLED="1"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"

What did you do?

I write a simple code to test the go TLS performance. The connection speed decreases significantly when I enable TLS.

Server with TLS enabled:

package main

import (
	"crypto/tls"
	"log"
)

func main() {
	cert, err := tls.LoadX509KeyPair("server.pem", "server.key")
	if err != nil {
		log.Fatal("error while loading server.pem and server.key")
	}
	config := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS10,
	}
	_ = config
	l, _ := tls.Listen("tcp", ":8080", config)
	conn ,_:= l.Accept()
	buff := make([]byte, 4096)
	for {
		_, er := conn.Write(buff)
		if er != nil{
			break
		}
	}
	conn.Close()
	l.Close()
}

Server without TLS:

package main

import (
	"net"
)

func main() {
	//cert, err := tls.LoadX509KeyPair("server.pem", "server.key")
	//if err != nil {
	//	log.Fatal("error while loading server.pem and server.key")
	//}
	//config := &tls.Config{
	//	Certificates: []tls.Certificate{cert},
	//	MinVersion:   tls.VersionTLS10,
	//}
	//_ = config
	l, _ := net.Listen("tcp", ":8080")
	conn ,_:= l.Accept()
	buff := make([]byte, 4096)
	for {
		_, er := conn.Write(buff)
		if er != nil{
			break
		}
	}
	conn.Close()
	l.Close()
}

What did you expect to see?

I use curl to test the network speed:
curl -k https://127.0.0.1:8080 -o test.bin
gives the speed:

curl -k https://127.0.0.1:8080 -o test.bin
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  377M    0  377M    0     0  35.6M      0 --:--:--  0:00:10 --:--:-- 35.7M

and
curl http://127.0.0.1:8080 -o test.bin
gives the speed:

curl  http://127.0.0.1:8080 -o test.bin
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 2757M    0 2757M    0     0   507M      0 --:--:--  0:00:05 --:--:--  511M

The speed is only around 35.7MB/s when enabling TLS while it is more than 500MB/s with a plain TCP connection.

P.S. I generated the server.pem and server.key by following these command: https://github.com/denji/golang-tls

@ianlancetaylor ianlancetaylor changed the title TLS: connection speed decreases significantly when enable TLS crypto/tls: connection speed decreases significantly when enable TLS Nov 16, 2017
@ianlancetaylor

This comment has been minimized.

Copy link
Contributor

@ianlancetaylor ianlancetaylor commented Nov 16, 2017

Thanks for the report. However, I don't see how using TLS could possibly be as fast as not using TLS. If you want to investigate ways to speed up Go's TLS implementation, that would be great. Or if you can show that Go's TLS is significantly slower than TLS implementations in some other language, that would be informative. But simply observing that it is slower to use TLS doesn't tell us anything we don't already know.

@WANG-lp

This comment has been minimized.

Copy link
Author

@WANG-lp WANG-lp commented Nov 17, 2017

Problem solved.

The speed drops significantly because of the curl program. I wrote a go client and the TLS speed reached more than 500MB/s on my laptop.

Sorry to bother you.

@WANG-lp WANG-lp closed this Nov 17, 2017
@golang golang locked and limited conversation to collaborators Nov 17, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.