Comments (11)
zhou0
commented on July 29, 2024
Since I already have a not short discussion with madeye , please make sure you read that issue on ss-libev project page and understand what i am talking about. Since we have limited options of socket buffer size, the best strategy is requiring the AEAD payload length limit to be 34 bytes less than that. Since it does not make sense to have socket buffer shorter than MTU which is usually 1500, the minimum socket buffer size is usually 2048. So it make sense to require AEAD payload length limit to 2014. Of course you can set that limit say 4062 ( 4096 - 34 ) , but that situation become sub-optimal , such as when a client with shorter socket buffer limit is used to connect to a server with longer socket buffer limit in AEAD mode. The client will most likely have to wait for next socket read to start decryption.
from shadowsocks-org.
madeye
commented on July 29, 2024
@zhou0 I don't think you really understand what we are suggesting...
Shadowsocks protocol won't have any constraint except 16KB upper bound for chunk size. The approach you mentioned is actually implementation specific.
If you really believe your approach can improve the performance, just apply it into your implementation and run some benchmarks. (although I don't think it would work).
from shadowsocks-org.
zhou0
commented on July 29, 2024
I think the pro and cons are very obvious here. A 16K limit does not make sense and it is bad for performance. This should not be left to implementation decisions. And i bet when AEAD in TLS 1.3 is finalized, it will be recommended to use shorter payload , and it will not be anything that is close to 16k.
from shadowsocks-org.
DarienRaymond
commented on July 29, 2024
If you have performance concerns, why not just use a 16k buffer for reading? As long as the payload can be encrypted/decrypted properly, the size of the buffer doesn't matter. Compared with network speed (usually MB/s), computer memory works at GB/s (DDR3-1600, 12800 MB/s). There is really no difference between 16k vs 2k buffer size.
from shadowsocks-org.
zhou0
commented on July 29, 2024
some google guy has said the same in 2013, though in the context of TLS.
https://www.igvita.com/2013/10/24/optimizing-tls-record-size-and-buffering-latency/
He also covered it in "Optimize TLS Record Size" section in his book, https://hpbn.co/transport-layer-security-tls/
in which he also revealed how google dynamically adjusts payload size since 2014 . to repeat, use short payload for the first 1 MB traffic, increasing it to 16KB after the 1MB mark, in case of 1 second inactivity, reset payload size limit back.
from shadowsocks-org.
riobard
commented on July 29, 2024
This is a non-issue at least in go-shadowsocks2 with Nagel's algorithm turned off.
from shadowsocks-org.
zhou0
commented on July 29, 2024
nagel algorithm is at a lower level, not the same level. The problem is generic in any two-pass algorithms, for TLS it is encrypt/decryption and MAC , for Shadowsocks AEAD mode it is authentication and decryption. Shadowsocks stream cipher mode is not affected because it is a one -pass algorithm.
from shadowsocks-org.
riobard
commented on July 29, 2024
Have you measured the actual payload size in an AEAD-protected connection?
from shadowsocks-org.
zhou0
commented on July 29, 2024
Because the actual payload size from any client is usually small, So we need to experiment with servers of different payload size limits to measure the impact on time to first byte. I plan to do so with shadowsocks-perl https://github.com/zhou0/shadowsocks-perl server. I think madeye can also do an independent benchmark with ss-libev server. If the result is convincing, we could adopt something similar with google's approach. The over all strategy is: at the beginning, we use shorter payload size to optimize for latency, If a connection persists after a certain amount of traffic, then we can switch to longer payload size to start optimize for throughput.
from shadowsocks-org.
zhou0
commented on July 29, 2024
The follow debug log shows that the actual payload size limit in ss-libev is 2048, the theoretical value of 16*1024 never occurred in real life. The number after "cipher_decrypt 569" is the actual payload length, it is capped at 2048. a "conn_write 0" after "cipher_decrypt 569 2048" indicates that a chunk is not long enough to start decryption and a write operation is called with zero length plain text which is meaningless .
Please also note that it appears that at the beginning, the first payload length is 1440 and it leads to a write of 1440 to application layer. so from the point of time to first byte, it seems that ss-libev does not really suffer. But this is not true. The first few chunks 1440 2048 2048 251 51 are TLS handshaking traffic. The real time to first byte does not happen at this time, it happens after that, and at that time payload length remains constant at 2048, which is our little problem.
./ssclient-wolfssl:info: initialize_cipher chacha20-ietf-poly1305
KEY: 0x03 0xac 0x9b 0x8c 0xe1 0x12 0xc9 0x9d 0xe7 0x23 0xb7 0x72 0x25 0x40 0x32 0x86 0x8d 0xa6 0x05 0xda 0x90 0x95 0x2b 0xfc 0x5e 0xdb 0x97 0x6f 0x30 0x4d 0xaf 0x89
./ssclient-wolfssl:info: listening on 127.0.0.1:1895
./ssclient-wolfssl:info: conn_read_done 3
./ssclient-wolfssl:info: conn_write 2
./ssclient-wolfssl:info: conn_read_done 17
./ssclient-wolfssl:info: conn_write 22
./ssclient-wolfssl:info: conn_read_done 517
Encryption IV: 0x3e 0x04 0x2f 0x56 0x84 0x9e 0xa8 0x8c 0x53 0x4f 0x1e 0x47 0xf6 0x4d 0x97 0xd2 0x5a 0xd3 0x62 0xcb 0xb9 0xf1 0xdf 0x2a 0xc1 0x93 0xfc 0x09 0x37 0xd0 0x4d 0xad
ENCRYPTION SUBKEY: 0xec 0x46 0x32 0x61 0xc4 0xda 0x98 0xf1 0xc3 0xb3 0x43 0xe6 0x34 0x6a 0x34 0x8c 0xb9 0x9c 0xe9 0x83 0x03 0xe7 0xf5 0x88 0x7d 0xb7 0x7e 0x23 0x4e 0x67 0x52 0x14
./ssclient-wolfssl:info: conn_write 597
./ssclient-wolfssl:info: conn_read_done 1506
Decryption IV: 0x3c 0x71 0x8c 0x6b 0xad 0x73 0xf5 0xcb 0xeb 0xae 0xfa 0xb6 0xfd 0x83 0x2e 0xbb 0x16 0x7e 0xe5 0x34 0xff 0xf9 0x81 0x3d 0x74 0x1b 0x7d 0xc5 0xd8 0x3c 0x6b 0x33
DECRYPTION SUBKEY: 0x40 0x58 0x46 0x92 0x36 0x59 0x09 0x52 0x5c 0x62 0x4c 0x85 0xd9 0xc2 0x16 0x81 0xc2 0x32 0x67 0x35 0x1a 0x28 0x17 0xea 0xbe 0x87 0x02 0x8c 0x02 0xf0 0x8d 0x24
./ssclient-wolfssl:info: cipher_decrypt 569 1440
./ssclient-wolfssl:info: conn_write 1440
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 353
./ssclient-wolfssl:info: cipher_decrypt 569 251
./ssclient-wolfssl:info: conn_write 2299
./ssclient-wolfssl:info: conn_read_done 191
./ssclient-wolfssl:info: conn_write 225
./ssclient-wolfssl:info: conn_read_done 85
./ssclient-wolfssl:info: cipher_decrypt 569 51
./ssclient-wolfssl:info: conn_write 51
./ssclient-wolfssl:info: conn_read_done 103
./ssclient-wolfssl:info: conn_write 137
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 34
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 448
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2496
./ssclient-wolfssl:info: conn_read_done 618
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 1050
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 3098
./ssclient-wolfssl:info: conn_read_done 1186
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 272
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 333
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 333
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 571
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 34
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 272
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 34
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 272
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 272
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 34
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 238
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 170
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 272
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 68
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 204
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 102
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 272
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 0
./ssclient-wolfssl:info: conn_read_done 2048
./ssclient-wolfssl:info: cipher_decrypt 569 2048
./ssclient-wolfssl:info: conn_write 2048
./ssclient-wolfssl:info: conn_read_done 994
./ssclient-wolfssl:info: cipher_decrypt 569 892
./ssclient-wolfssl:info: conn_write 2940
./ssclient-wolfssl:info: conn_read_done 31
./ssclient-wolfssl:info: conn_write 65
./ssclient-wolfssl:info: conn_read_done -4095
from shadowsocks-org.
riobard
commented on July 29, 2024
So it proves my point above. Actual payload size depends on buffer size when Nagel's algorithm is turned off. The SS server forwards bytes read from the target server to the client in a single write and the encrypted chunk size will never be larger than the read buffer size of the connection to the target server.
from shadowsocks-org.
Related Issues (20)
- Feature request: Chain Shadowsocks HOT 1
- [Security] Do not engineer vulnerabilities into implementations without public discussions HOT 7
- [One Idea] IP Geolocation Based Filtering HOT 20
- Ahmadtafreshi HOT 1
- Ahmad
- [Peer Review Request]Restls: A Perfect Impersonation of TLS Handshake HOT 5
- 能支持udp over tcp吗 HOT 1
- 日志文件 HOT 1
- OpenWrt client is not working for me
- 能否申请将Java的实现版本也纳入到官方社区中 HOT 1
- Correct wiki entry for "Setup fail2ban" - a jail config error detected HOT 2
- 社区有没有针对SIP023 relay server 的开发计划 HOT 2
- Cannot make the fail2ban setup guide work with systemd journal
- Non-UI Error. Can't start application
- ss://[email protected]:8388#SIP008%0A%0A HOT 1
- 兼容改版shadowsocks
- feature request: sip003 mux / multiplexing spec HOT 1
- Shadowsocks stopped working
- Add 2022 edition shadowsocks methods support for clients
- QR code with username
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from shadowsocks-org.