KVM Entropy

I increased the SSL performance further by increasing the entropy pool. I tried following the instructions elsewhere but ran into some problems. While it increased the entropy pool on the host machine, it did nothing for the VM.

So, in order to increase the entropy pool for the VM, I had to enable an extra setting:

RNGDOPTIONS="--fill-watermark=90% --feed-interval=1"

That quickly drove up the entropy pool. The net result is better SSL performance with an improvement of about +30% concurrent connections. I don’t know about the quality of the random numbers but for the purpose of my application, it should suffice.

The only consumer of the random numbers is the SSL. It is only use for ephemeral data transfers. It does not matter if someone deciphers the information because by the time they do, it will no longer be very useful.

Published by

Shawn Tan

Chip Doctor, Chartered Engineer, Entrepreneur, Law Graduate.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s