Elliot Dierksen
Guru
- Joined
- Dec 29, 2014
- Messages
- 1,135
I was experimienting over the weekend with doing a zfs send of a snapshot from my primary FreeNAS to the secondary. I was a little dismayed at the speed, but I noticed that the secondary unit (Dual Intel(R) Xeon(R) CPU E5-2637 0 @ 3.00GHz - 128G RAM) was just pounded pretty hard. The primary unit (Dual Intel(R) Xeon(R) CPU E5-2637 v2 @ 3.50GHz - 256G RAM) was taking a bit of a hit, but much smaller than the secondary. I know the CPU in the primary is a lot stronger. The thing that surprised me is that the encrypt/decrypt of SSH seemed to be what was chewing up all the CPU. I wanted to enabled the blowfish-cbc cipher, but I didn't see how I could that without hacking on system files that might get overwritten after a reboot. aes128-cbc seemed to be the lighted weight one, and that has given me some noticeably better throughput. Security isn't a concern in the environment because the 10G network is a disconnected network. Only the FreeNAS boxes and the ESXi hosts have interfaces there. I would be fine doing the zfs send/recv without encryption, but I didn't see a way to do that. I saw some forum references to using something wide open like
nc
but maybe I am not willing go that far. Any suggestions for optimal speed for zfs send/recv over SSH with as little CPU/encryption impact as possible?