SFTP packet size limited to 16k - SSH

This is a discussion on SFTP packet size limited to 16k - SSH ; Hi, I've been wondering why I can not receive larger packets than 16 kbytes at a time, even though I have set my applications window size to 137072 bytes and max packet size to 32768 bytes. My application is using ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: SFTP packet size limited to 16k

  1. SFTP packet size limited to 16k

    Hi,

    I've been wondering why I can not receive larger packets
    than 16 kbytes at a time, even though I have set my
    applications window size to 137072 bytes and max packet
    size to 32768 bytes.

    My application is using libssh2 0.12 and I'm interacting
    with OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005

    OpenSSH agrees with my window size:

    debug1: server_input_channel_open: ctype session rchan 0 win 131072 max 32768

    but I still get only 16k packets:

    debug1: subsystem: exec() /usr/libexec/openssh/sftp-server
    debug2: fd 8 setting O_NONBLOCK
    debug3: fd 8 is O_NONBLOCK
    debug2: channel 0: rcvd adjust 16195
    debug2: channel 0: rcvd adjust 16128
    ....

    and so on.

    I can get command line tools (scp/sftp) to transfer up ~52k
    packets easily. This has some impact on the overall
    performance of my application.

    --
    remove -asdf and asdf- for email address


  2. Re: SFTP packet size limited to 16k

    jussi.mononen-asdf@asdf-comptel.com wrote:
    > Hi,
    >
    > I've been wondering why I can not receive larger packets
    > than 16 kbytes at a time, even though I have set my
    > applications window size to 137072 bytes and max packet
    > size to 32768 bytes.
    >
    > My application is using libssh2 0.12 and I'm interacting
    > with OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005
    >
    > OpenSSH agrees with my window size:
    >
    > debug1: server_input_channel_open: ctype session rchan 0 win 131072 max 32768
    >
    > but I still get only 16k packets:
    >
    > debug1: subsystem: exec() /usr/libexec/openssh/sftp-server
    > debug2: fd 8 setting O_NONBLOCK
    > debug3: fd 8 is O_NONBLOCK
    > debug2: channel 0: rcvd adjust 16195
    > debug2: channel 0: rcvd adjust 16128
    > ...


    Hi again,

    all tips directing to new directions would be greatly
    appreciated. I've spent numerous hours debugging OpenSSH
    ans libssh2 without any luck. There doesn't seem to be
    any suspicious code concerning packet size in either of
    them.

    I've added lots of debug prints while trying to find a
    place where the packet could be splitted. Sftp-server
    fills the output queue properly with 32k packets and it
    even calls the send_data -function with proper length.

    My application sends SSH_FX_READ msg's with a request of
    32k bytes, it is honored by the sftp-server as my debug
    shows, but someone splits the packet after sftp-server
    has dealt with it (I can see that sftp-server writes 32k
    to its stdout).

    Is it possible that something is restricting the pipeline
    between sshd and sftp-server (sounds very unlikely as the
    write size to stdout is the buffer size)?

    Can the channel make conscious decisions of the packet
    size? Or where could this packet split happen?

    --
    remove -asdf and asdf- for email address


  3. Re: SFTP packet size limited to 16k

    >> I've been wondering why I can not receive larger packets
    >> than 16 kbytes at a time, even though I have set my
    >> applications window size to 137072 bytes and max packet
    >> size to 32768 bytes.


    Issue solved. It had nothing to do with the packet size.

    There is a fundamental difference between the use of a
    library and a program that directly implements SSH.

    The libssh2 library is an API and thus must be
    synchronous whereas OpenSSH command line SFTP tool
    is asynchronous. This is a huge difference as the network
    usage is much more efficient in asynchronous implementation.

    So, not much to do there to improve the performance.

    --
    remove -asdf and asdf- for email address


  4. Re: SFTP packet size limited to 16k

    >>>>> "JM" == jussi mononen-asdf writes:

    >>> I've been wondering why I can not receive larger packets than 16
    >>> kbytes at a time, even though I have set my applications window
    >>> size to 137072 bytes and max packet size to 32768 bytes.


    JM> Issue solved. It had nothing to do with the packet size.

    JM> There is a fundamental difference between the use of a library and
    JM> a program that directly implements SSH.

    JM> The libssh2 library is an API and thus must be synchronous whereas
    JM> OpenSSH command line SFTP tool is asynchronous.

    This is incorrect. There is nothing at all to prevent a library API from
    providing asynchronous services. See ideas such as "callbacks" or, in
    better languages, "continuations."

    --
    Richard Silverman
    res@qoxp.net


  5. Re: SFTP packet size limited to 16k

    Richard E. Silverman wrote:
    >>>>>> "JM" == jussi mononen-asdf writes:

    >
    > >>> I've been wondering why I can not receive larger packets than 16
    > >>> kbytes at a time, even though I have set my applications window
    > >>> size to 137072 bytes and max packet size to 32768 bytes.

    >
    > JM> Issue solved. It had nothing to do with the packet size.
    >
    > JM> There is a fundamental difference between the use of a library and
    > JM> a program that directly implements SSH.
    >
    > JM> The libssh2 library is an API and thus must be synchronous whereas
    > JM> OpenSSH command line SFTP tool is asynchronous.
    >
    > This is incorrect. There is nothing at all to prevent a library API from
    > providing asynchronous services. See ideas such as "callbacks" or, in
    > better languages, "continuations."


    You are correct.

    I was thinking this issue from my own point of view, where I am
    dealing with near real-time systems and it is important that
    function calls to 3rd party libraries do not block. That is,
    a function call should perform its duty as fast as possible and
    return, since the control of the program must stay elsewhere.

    Thus, there's a significant difference between synchronous API
    and directly implemented program.

    I have discussed async approach with the libssh2 developers and
    it will added to the lib in the future. The details of the
    implementation are still open.

    Thank you for the correction.

    --
    remove -asdf and asdf- for email address


+ Reply to Thread