That CPU should be plenty fast enough, if dmcrypt is fine, then I’d hazard a guess it is a kernel+zfs version interaction. I’ve lost count the number of times kernel internal APIs broke ZFS performance, but all I know is the current Arch Linux LTS kernel + ZFS DKMS package seem fine. And FreeBSD just always trucks on regardless
Tried some tests on three machines I have. In the ZFS tests, actually cat
seemed to be the bottleneck - it was using nearly one whole core with spare CPU left.
Files created using /dev/urandom and dropping cache (echo 3 > /proc/sys/vm/drop_caches
) or export/import ZFS pool between runs:
Machine 1 (Lenovo Yoga laptop)
zfs-2.1.4 / Arch Linux kernel 5.15.45 / Intel Core i5-11300H
ZFS
ZFS dataset: aes-256-gcm, no compression , single NVMe WD SN700
cat * (many big files) | pv > /dev/null
277GiB 0:03:00 [ 1.54GiB/s]
dmcrypt
cryptsetup benchmark | grep aes-xts
aes-xts 256b 5276.9 MiB/s 5289.6 MiB/s
aes-xts 512b 4672.7 MiB/s 4641.1 MiB/s
No spare partition to try dmcrypt + xfs.
Machine 2 (Broadwell Xeon NAS)
zfs-2.1.4 / FreeBSD 13.1-RELEASE / Intel Xeon E3-1285Lv4
ZFS
ZFS + aes-256-gcm , zstd-1 , single SATA Seagate Exos ST18000NM000J
cat bigfile.bin | pv > /dev/null
16.5GiB 0:01:47 [ 156MiB/s]
ZFS + aes-256-gcm , zstd-1 , two SATA Crucial MX500 2TB SSD
tar cf - lots_of_small_files | pv > /dev/null
68GiB 0:00:18 [ 323MiB/s]
No dmcrypt support to try.
Machine 3 (desktop)
zfs-2.1.4 / Arch Linux kernel 5.15.48 / EPYC 74F3
ZFS
dataset: aes-256-gcm, no compression , single NVMe WD SN850
cat 100G.bin | pv > /dev/null
97.7GiB 0:00:51 [1.91GiB/s]
Seems to be bottlenecked on cat - most cores remain idle.
cat was using one core at 95%, 6x z_rd_int_{0…5} threads using 15% CPU each.
dmcrypt
cryptsetup benchmark | grep aes-xts
aes-xts 256b 3915.3 MiB/s 4483.6 MiB/s
aes-xts 512b 3768.9 MiB/s 3798.2 MiB/s
xfs on dmcrypt, default luksFormat options - aes-xts-plain64 512bit
cat /mnt/xfs/250G.bin | pv > /dev/null
5.47GiB/s
edit 1: I was curious how fast AES could go on this box, 191GB/s? - now if only programs could use multiple threads when reading files …
openssl speed -evp aes-256-xts -multi $(nproc)
evp 13653662.79k 58340319.00k 123940645.46k 173261454.68k 190404837.38k 191108440.11k