[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SSL trouble
> And there is the third alternative, hierarchical search, which
> distributes the task of giving out keys. This is admittedly a
> little bit more involved, of course. The SKSP had provisions for
> doing it hierarchically, as far as I understood it, although
> I might be wrong.
Indeed, it does, and we plan to provide a "local CPU farm" server
which can be used when a number of machine are sharing the same ID.
> What I wonder is wheter the server congestion really showed that
> the protocol is flawed.
No -- but that the early version of the code were buggy.
As it is, 6 clients which are still running are managing to keep the
server permanently busy.
I think the protocol itself is OKish ..
> Handing out bigger blocks relieved the situation.
Not really.
It did however mean that when a chunk was allocated, three times as
much work was done !
> 1. The server knows approximately how many requests per second it
> can take, and tells the clients this information.
Hmm -- hard to tell -- the *server* can take lots, but if the
*clients* have problems, things go wrong.
A select/poll server is not going to be tried on the next one -- that'll only
be used if that goes slow as well ...
> 2. The client initially does a testrun, and determines how fast it
> runs.
The latest version of brloop starts with a call of "brutessl -q -t 1"
to decide how big the chunks should be ...
> 3. Each client is handed a block that, given the approximate number
> of currently pending and active blocks out there, together with the
> calculation time of the client, will give an acceptable number of
> requests/time unit to the server.
I suspect that figures would be too crude ...
The server would have to keep track of clients and how long their
sessions take ....
Should a client which takes 20s for a session be given blocks that take
20 times longer to process than one which manages it in 1s ?
> 4. The server acks (S-ACK) the block-ack to the client.
Sorry -- what does that mean ?
> If the client doesn't get an ack (S-ACK) from the server for its ack (B-ACK),
> it keeps the ack around til the next block is calculated, and sends this
> ack together with the new acks.
Sorry -- I'm lost ...
> 5. The server can hand out allocated blocks to others, for those
> blocks that has not been acked in three times the estimated
> calculation time.
I've split allocation from ACKs.
One server just doles out keys, the other just collects the ACKs.
I don't want to add that sort of realtime feedback.
What do you do about WWW clients ?
What if someone grabe a big chunk, farms it out to several machines,
and they ACK bits back ... ?
> 6. If a client is unable to get a key allocation after a number of
> tries, it can chose a random block and search that. It can then be
> acked to the server. This may result in overlapping blocks, but this
> should not pose such a big problem, since most of the key space is
> searched in an orderly manner anyway.
Again no realtime fedback from ACKs :-(
> It would be very interesting if detailed statistics or the logfile
> of the server could be published somewhere. How many machines were
> involved? etc...
That'll come -- as the WWW pags says. pelase let me know what stats you'd like.