SSHTools Knowledgebase
Information and FAQs about SSHTools products
  

ConfigurationContext Methods

What It Does
This article highlights some of the non-threading ConfigurationContext methods that a developer can use to tune the performance of the SSHD server when the default values do not produce the required results.

By the end of the article, the reader should know how SSHD server performance can be fine-tuned.

In addition, the SSHD Threading Model article covers the threading-related methods that can also be configured to tune performance.

ConfigurationContext::addListeningInterface(String addressToBind, int portToBind)
Used by SSHDeamon::startup() to define the number and addresses of ServerSocketChannels. Each interface supplied creates another listening socket bound to its own address and port. Replaces the deprecated ConfigurationContext::setBindPort(int bindPort) and ConfigurationContext::setBindAddress(String bindAddress).

ConfigurationContext::setChannelLimit(int maxChannels)
Maximum number of channels per client. Terminal sessions, forwarded connections and so on are all channels. The default is 10 channels.

ConfigurationContext::setCompressionLevel(int compressionLevel)
Zlib compression level, an integer from 1 to 9. 1 is the fastest and produces the least compression; 9 is the slowest and produces the most.

ConfigurationContext::setKeyExchangePacketLimit(int MAX_NUM_PACKETS_BEFORE_REKEY)
Used by the TransportProtocol::sendNextMessage() method to determine whether the key exchange process needs to be repeated. By default, key exchange is repeated after 2147483647 data packets. Any new value must be greater than 100.

ConfigurationContext::setKeyExchangeTransferLimit(int MAX_NUM_BYTES_BEFORE_REKEY)
Used by the TransportProtocol::sendNextMessage() method to determine whether the key exchange process needs to be repeated. By default, key exchange is repeated after 1073741824 bytes. Any new value must be greater than 1024000. Both the packet limit and the byte limit are checked; if either threshold has been breached, key exchange is performed.

ConfigurationContext::setMaxAuthentications(int maxAuthentications)
Defines the threshold for connection attempts. By default, if the 10th attempt fails, the client's connection to the server is closed.

ConfigurationContext::setPublicKeyStore(PublicKeyStore publicKeyStore)
The default implementation searches a user's home directory for an .ssh/authorized_keys file. This method changes that behaviour by supplying a specific store implementation; for instance, one may want to look up the user's key in a database.

ConfigurationContext::setRemoteForwardingCancelKillsTunnels(boolean killTunnelsOnRemoteForwardingCancel)
Flag to determine whether any active remote forwarding tunnels are killed when the user cancels a remote forwarding configuration.

ConfigurationContext::setSessionProvider(java.lang.Class sessionProvider)
Supplies a SessionProvider class other than the default UnsupportedSession class, which simply returns a message that the server does not support an interactive session.

ConfigurationContext::setSessionTimeout(int sessionTimeoutSeconds)
If a SelectableChannel is idle for more than sessionTimeoutSeconds, the SelectableChannel is closed.

ConfigurationContext::setSFTPCharsetEncoding(java.lang.String sftpCharsetEncoding)
Defines the default encoding of filenames in SFTP sessions. The default encoding for the currently supported SFTP protocol is ISO-8859-1.

ConfigurationContext::setSocketOptionKeepAlive(boolean keepAlive)
Sets the SO_KEEPALIVE flag on the SocketChannels. With this flag set, regular keepalive probes are sent to the peer host to determine its state. If the peer answers with RST or no response is received, the socket terminates the connection.

ConfigurationContext::setSocketOptionReuseAddress(boolean reuseAddress)
Sets the SO_REUSEADDR flag on the ServerSocketServer. This flag enables a socket to be reused even if a previous connection on the socket is not fully closed. Usually, when a socket is closed it enters a timeout state in which it is not fully closed but waits for a TIME_WAIT duration. After that duration the socket ends the connection. If the server is bound to a well-known socket address or port, it may not be possible to bind a socket to the required socket address while a connection involving that address or port is in the timeout state.

ConfigurationContext::setSocketOptionTcpNoDelay(boolean tcpNoDelay)
false turns Nagle's algorithm on; true turns it off.

Nagle's algorithm is used to improve TCP performance on systems using slow connections (for example, wide-area networks (WANs)). When the algorithm is used, TCP attempts to prevent several small chunks of data from being sent to the remote system by bundling the data in larger packets. If the data written to the socket does not fill the required buffer size, the protocol waits for more data until either the buffer is filled or a specific amount of time has expired. Once the buffer is full or a timeout has occurred, the packet is sent.

In most scenarios, performance is best if the algorithm is off (the option is set to true).

ConfigurationContext::setWritableInterestedOps(int writableInterestedOps)
To send or receive data through the selector, an interest in reading or writing has to be registered. Once an interest is registered, the event is fired when the socket is ready to read or write. This method defines which events are registered when the API is ready to write. By default OP_READ and OP_WRITE are registered: when we want to write we also register read, which means a read event could be fired as well.

If this is set to just OP_WRITE, only the write event will be fired. Adding OP_READ as well allows read events to be triggered when a write event occurs, meaning incoming data might be read a little sooner. Otherwise it has to wait until its own read event is triggered, which might not be for some time when there is a considerable amount to write.
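
The socket options and interest sets described above, shown in plain java.nio as an added example (not SSHD code and not from the original article). The class name InterestOpsDemo and the payload are constructed, and it is an assumption that the three setSocketOption... setters map onto these standard JDK options.

```java
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.StandardSocketOptions;
import java.nio.ByteBuffer;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.channels.ServerSocketChannel;
import java.nio.channels.SocketChannel;
import java.nio.charset.StandardCharsets;

public class InterestOpsDemo {
    // Ready-ops bitmask one selector pass reports when only `interest` is registered.
    static int readyFor(Selector selector, SelectionKey key, int interest) throws Exception {
        key.interestOps(interest);
        selector.selectedKeys().clear(); // discard results of the previous pass
        selector.selectNow();
        return key.readyOps() & interest;
    }

    static String describe(int ops) {
        return ((ops & SelectionKey.OP_READ) != 0 ? "READ " : "")
             + ((ops & SelectionKey.OP_WRITE) != 0 ? "WRITE" : "");
    }

    public static void main(String[] args) throws Exception {
        try (ServerSocketChannel server = ServerSocketChannel.open();
             Selector selector = Selector.open()) {
            // Listening socket: SO_REUSEADDR, bound to loopback on an ephemeral port.
            server.setOption(StandardSocketOptions.SO_REUSEADDR, true);
            server.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0));
            try (SocketChannel client = SocketChannel.open(server.getLocalAddress());
                 SocketChannel peer = server.accept()) {
                // Accepted connection: keepalive probes on, Nagle's algorithm off.
                peer.setOption(StandardSocketOptions.SO_KEEPALIVE, true);
                peer.setOption(StandardSocketOptions.TCP_NODELAY, true);
                peer.configureBlocking(false);

                // Constructed payload: leaves unread bytes waiting on the server side.
                client.write(ByteBuffer.wrap("constructed".getBytes(StandardCharsets.US_ASCII)));
                SelectionKey key = peer.register(selector, SelectionKey.OP_READ);
                selector.select(); // block until those bytes have arrived

                System.out.println("OP_WRITE only      -> "
                        + describe(readyFor(selector, key, SelectionKey.OP_WRITE)));
                System.out.println("OP_READ | OP_WRITE -> "
                        + describe(readyFor(selector, key, SelectionKey.OP_READ | SelectionKey.OP_WRITE)));
            }
        }
    }
}
```

The two printed lines compare what a single selector pass reports for the same socket, with unread data pending, under each interest set.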

2005 SSHTools Ltd, All Rights Reserved


© 2008 SSHTools Ltd. All Rights Reserved