1ssllatency.bt(8) System Manager's Manual ssllatency.bt(8)
2
6 ssllatency.bt - Show SSL/TLS handshake latency histogram. Uses bpf‐
7 trace/eBPF.
8
10 ssllatency.bt
11
13 ssllatency shows latency distribution for OpenSSL handshake functions.
14 This is useful for performance analysis with different crypto cipher
15 suite, async SSL acceleration by CPU or offload device, etc.
16 This tool works by dynamic tracing the uprobes in OpenSSL and related
18 crypto libs, and may need updating to match future changes to these
19 functions.
20 Since this uses BPF, only the root user can use this tool.
22
24 CONFIG_BPF and bpftrace.
25
27 Trace SSL/TLS handshake latency, and print a histogram on Ctrl-C:
28 # ssllatency.bt
29
31 0th A function name is shown in "@hist[...]" followed by latency
32 histogram and "@stat[...]" followed by total call count, aver‐
33 age, total latency in microseconds. Non-zero failed calls are
34 traced separately (in "@histF[]" and "@statF[]") for some func‐
35 tions.
36 1st, 2nd
38 This is a range of latency, in microseconds (shown in "[...)"
39 set notation).
40 3rd A column showing the count of operations in this range.
42 4th This is an ASCII histogram representing the count column.
44
46 SSL/TLS handshake usually contains network latency and the traced
47 crypto functions are CPU intensive tasks, so call frequency should be
48 low and the overhead of this tool is expected to be negligible.
49
51 This is from bpftrace.
52 https://github.com/iovisor/bpftrace
54 Also look in the bpftrace distribution for a companion _examples.txt
56 file containing example usage, output, and commentary for this tool.
57 There is a bcc tool sslsniff that can show SSL/TLS handshake event la‐
59 tency before sniffing the plaintext in SSL_read/write. This tool pro‐
60 vides more detailed crypto latency distribution during the handshake
61 event.
62 https://github.com/iovisor/bcc
64
66 Linux
67
69 Unstable - in development.
70
72 Tao Xu
73
75 sslsnoop.bt(8)
76USER COMMANDS 2021-12-28 ssllatency.bt(8)