the % numbers seen high for a clean network and a reasonable fast client. The 5% really not reasonable. No jumbo frames? No network retries (netstats)?
*Daemeon Reiydelle* *email: daeme...@gmail.com <daeme...@gmail.com>* *San Francisco 1.415.501.0198/Skype daemeon.c.m.reiydelle* *"Why is it so hard to rhyme either Life or Love?" - Sondheim* On Sun, Feb 6, 2022 at 6:06 PM Dinesh Joshi <djo...@apache.org> wrote: > I wish there was an easy answer to this question. Like you pointed out it > is hardware dependent but software stack plays a big part. For instance, > the JVM you're running makes a difference too. Cassandra comes with netty > and IIRC we include tcnative which accelerates TLS. You could also slip > Amazon's Corretto Crypto Provider into your runtime. I am not suggesting > using everything all at once but a combination of libraries, runtimes, JVM, > OS, cipher suites can make a big difference. Therefore it is best to try it > out on your stack. > > Typically modern hardware has accelerators for common encryption > algorithms. If the software stack enables you to optimally take advantage > of the hardware then you could see very little to no impact on latencies. > > Cassandra maintains persistent connections therefore the visible impact is > on connection establishment time (TLS handshake is expensive). Encryption > will make thundering herd problems worse. You should watch out for those > two issues. > > Dinesh > > > On Feb 5, 2022, at 3:53 AM, onmstester onmstester <onmstes...@zoho.com> > wrote: > > Hi, > > Anyone measured impact of wire encryption using TLS > (client_encryption/server_encryption) on cluster latency/throughput? > It may be dependent on Hardware or even data model but I already did some > sort of measurements and got to 2% for client encryption and 3-5% for > client + server encryption and wanted to validate that with community. > > Best Regards > > Sent using Zoho Mail <https://www.zoho.com/mail/> > > > >
