Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/tls: connection speed decreases significantly when enable TLS #22761

Closed
WANG-lp opened this issue Nov 16, 2017 · 2 comments
Closed

crypto/tls: connection speed decreases significantly when enable TLS #22761

WANG-lp opened this issue Nov 16, 2017 · 2 comments
Labels
FrozenDueToAge Performance WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.
Milestone
Unplanned

Comments

@WANG-lp
Copy link

WANG-lp commented Nov 16, 2017
edited
Loading

What version of Go are you using (go version)?

go version go1.9.2 darwin/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="/Users/will/go"
GORACE=""
GOROOT="/usr/local/Cellar/go/1.9.2/libexec"
GOTOOLDIR="/usr/local/Cellar/go/1.9.2/libexec/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/26/bqp0svv9187cxr93vbhdh86m0000gn/T/go-build149896180=/tmp/go-build -gno-record-gcc-switches -fno-common"
CXX="clang++"
CGO_ENABLED="1"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"

What did you do?

I write a simple code to test the go TLS performance. The connection speed decreases significantly when I enable TLS.

Server with TLS enabled:

package main

import (
	"crypto/tls"
	"log"
)

func main() {
	cert, err := tls.LoadX509KeyPair("server.pem", "server.key")
	if err != nil {
		log.Fatal("error while loading server.pem and server.key")
	}
	config := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS10,
	}
	_ = config
	l, _ := tls.Listen("tcp", ":8080", config)
	conn ,_:= l.Accept()
	buff := make([]byte, 4096)
	for {
		_, er := conn.Write(buff)
		if er != nil{
			break
		}
	}
	conn.Close()
	l.Close()
}

Server without TLS:

package main

import (
	"net"
)

func main() {
	//cert, err := tls.LoadX509KeyPair("server.pem", "server.key")
	//if err != nil {
	//	log.Fatal("error while loading server.pem and server.key")
	//}
	//config := &tls.Config{
	//	Certificates: []tls.Certificate{cert},
	//	MinVersion:   tls.VersionTLS10,
	//}
	//_ = config
	l, _ := net.Listen("tcp", ":8080")
	conn ,_:= l.Accept()
	buff := make([]byte, 4096)
	for {
		_, er := conn.Write(buff)
		if er != nil{
			break
		}
	}
	conn.Close()
	l.Close()
}

What did you expect to see?

I use curl to test the network speed:
curl -k https://127.0.0.1:8080 -o test.bin
gives the speed:

curl -k https://127.0.0.1:8080 -o test.bin
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  377M    0  377M    0     0  35.6M      0 --:--:--  0:00:10 --:--:-- 35.7M

and
curl http://127.0.0.1:8080 -o test.bin
gives the speed:

curl  http://127.0.0.1:8080 -o test.bin
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 2757M    0 2757M    0     0   507M      0 --:--:--  0:00:05 --:--:--  511M

The speed is only around 35.7MB/s when enabling TLS while it is more than 500MB/s with a plain TCP connection.

P.S. I generated the server.pem and server.key by following these command: https://github.com/denji/golang-tls
@ianlancetaylor ianlancetaylor changed the title TLS: connection speed decreases significantly when enable TLS crypto/tls: connection speed decreases significantly when enable TLS Nov 16, 2017
@ianlancetaylor
Copy link
Contributor

Thanks for the report. However, I don't see how using TLS could possibly be as fast as not using TLS. If you want to investigate ways to speed up Go's TLS implementation, that would be great. Or if you can show that Go's TLS is significantly slower than TLS implementations in some other language, that would be informative. But simply observing that it is slower to use TLS doesn't tell us anything we don't already know.

@bradfitz bradfitz added Performance WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided. labels Nov 16, 2017
@bradfitz bradfitz added this to the Unplanned milestone Nov 16, 2017
@WANG-lp
Copy link
Author

WANG-lp commented Nov 17, 2017
edited
Loading

Problem solved.

The speed drops significantly because of the curl program. I wrote a go client and the TLS speed reached more than 500MB/s on my laptop.

Sorry to bother you.

@WANG-lp WANG-lp closed this as completed Nov 17, 2017
@golang golang locked and limited conversation to collaborators Nov 17, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge Performance WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.
Projects
None yet
Milestone
Unplanned
Development

No branches or pull requests
4 participants
@bradfitz @WANG-lp @ianlancetaylor @gopherbot