[zorp] Zorp slows down web page viewing?

Balazs Scheidler zorp@lists.balabit.hu
Thu, 05 May 2005 16:42:08 +0200

On Wed, 2005-05-04 at 13:53 -0700, Joseph Kim wrote:

> And, for my own curiosity, I tried to compare the throughputs between using 
> zorp and without using zorp.
> In one configuration, I download a webpage 100 times through the machine 
> with zorp running. In other configuration, I download the same webpage 100 
> times directly from our internet gateway router without going through the 
> zorp machine.
> To my surpise, I got the following results:
> Each test includes 100 downloads.
> Test #                                Average throughput
> Configuration                    Zorp                      Direct
> 1                                  737.4 Kbps             642.7 Kbps
> 2                                  711.7 Kbps             646.9 Kbps
> 3                                  721.6 Kbps             615.7 Kbps
> According to the result, zorp actually made the connection faster.
> What kind of magic are you guys playing?

It is probably some kind of measuring problem, something changed between
the two test invocations, and the test program might also be fooled
somewhat (it depends on when the timer is started).

For example if it is started after the HTTP response is received, Zorp
does not send the HTTP header as long as the first real data byte is
received from the server and then it is sent immediately together with
the HTTP header. E.g: where a server would:

client				server
GET		->
		<-		HTTP/1.0 200 OK
				some time
		<-		first data bytes

Zorp converts this to:

client				Zorp			server
GET		->				->
						<-	HTTP/1.0 200 OK
							some time
						<-	first data bytes
		<-		HTTP/1.0 200 OK
		<-		first data bytes

If the timer starts when the header is received then the actual
bandwidth calculated might differ from the case where no Zorp is
present. But of course it does not change reality, Zorp is an additional
processing burden, thus it effectively has to increase network latency.

For deployments where the proxies are not overloaded (and a 1MBit
connection does not overload a current box), the latency change should
be minimal.