sFTP overhead (General questions)
Hi,
Are there any statistics available as to the amount of overhead I can expect when transferring a file over sFTP? For example, if I want to transfer a 100K file, how much data is actually being transmitted on the line?
After implementing SSL into our applications using OpenSSL, we estimated an approximate 11 increase in the size of data that's actually transmitted (apart from the transfer of certificates, key negotiation and session establishment). Is it reasonable to assume using sFTP would be similar?
And finally, would there be a difference whether we use the ActiveX or VC components?
Thanks very much,
-- Robert
Re: sFTP overhead
Hi Robert,
wodSFTP will send some extra data during establishing connect with server( sending login, pass, host key...). This is something that you cannot avoid.
I'm pretty sure that wodSFTP will send less data compared with other SFTP clients because other clients has interface that need to be loaded when connection is establish.
ActiveX version (wodSFTP.OCX) of our component has GUI (interface) so you can use COM version (wodSFTP.DLL) instead. COM version will transfer less data.
You mention that you use FTPS (FTP-SSL) protocol also. Why don't you try our wodFtpDLX ActiveX component which supports FTP, FTPS, and SFTP protocol.
All out component has samples. You will find them in component Samples folder. You have 30 days trial period why don't you give a try.
wodFtpDLX has also ActiveX (wodFtpDLX.OCX) and COM version (wodFtpDLX.DLL) of component.
You can find more information about wodFtpDLX here:
http://www.weonlydo.com/index.asp?showform=FtpDLX
here is download link:
http://www.weonlydo.com/Samples/wodFtpDLX.exe
and more help for wodFtpDLX Protocol Property you can find here:
http://www.weonlydo.com/FtpDLX/Help/wodFtpDLXLib~wodFtpDLX~Protocol.html
Hope I helped.
Regards,
Drazen
Re: sFTP overhead
Drazen,
Thanks for replying so quickly...
The reason I was asking about the overhead is because the customer that we are doing the work for would like to have some idea of the additional traffic on the network. They will need to assess if more bandwidth is required at their remote locations.
So, for connection establishment, there is obviously a bit more data going through and that's fine. During the file transfer (and some of their files run into the MB range on a daily basis), do you know how much additional data is being added to account for the encryption?
I believe I would be looking at the COM component of wodSFTP. Our application run in the background and do not have a user interface, therefore no GUI is required. We also don't have a requirement to support sFTP AND FTP. This would be a replacement of the current FTP process. So it would seem the wodSFTP would fit nicely.
This is probably in the documentation somewhere, but can you tell me if the Resume functionality is supported? On both uploads and downloads?
Actually, we implemented SSL (not FTP-SSL) to encrypt messages traveling to/from our server application in a transactional environment (request/reply) - not files. Our application does do FTP in a separate process, but the transfer is not encrypted (yet...)
yes, I will at least be downloading the evaluation copy.
Thanks,
-- Robert
Re: sFTP overhead
Drazen,
I found the Resume property in the online doc... no need to answer that part...
Thanks,
-- Robert
Re: sFTP overhead
Robert,
Unfortunately we don't have information how much data is used for encryption but you can try to use some tool for that like Ethereal or something like that.
If you use same procedure same amount of data should be send.
Drazen
Re: sFTP overhead
Drazen,
Do you have any dll version which supports both FTP, FTPS, SFTP? If no, will I be able to reorder your source code upon purchase to achieve this, or there are some principal limitation on doing this?
Also, do I understand correctly that your sources are VC++ project without MFC?
Re: sFTP overhead
Hi Igor,
We have component wodFtpDLX that supports FTP, FTPS and SFTP protocol.
You can download it here:
http://www.weonlydo.com/Samples/wodFtpDLX.exe
You should use Protocol Property to select protocol you want to use.
You can find here more help for Protocol Property:
http://www.weonlydo.com/FtpDLX/Help/wodFtpDLXLib~wodFtpDLX~Protocol.html
Our source is written in VC6 and you should use it just if we for some reason disappear. In that case you can change source code to fix problem that you have.
Drazen
Re: sFTP overhead
Thank you, Brazen!
I'm aware of wodFtpDLX, but it's only availble in ActiveX COM form, what I don't like. I haven't checked interface docs yet, can I use COM version without registering it at system, by directly invoking CoCreate or similar from dll? Why there is no plain DLL version of this component?
Igor.
Re: sFTP overhead
Igor,
When you install wodFtpDLX you will found two version of wodFtpDLX. ActiveX control (wodFtpDLX.ocx) and COM object (wodFtpDLX.dll).
Is wodFtpDLX.dll maybe what you need? You can find it in Windows System32 folder.
Also you will found samples in wodFtpDLX samples folder, maybe they can help you.
Drazen
Re: sFTP overhead
Thank you, I will try that.
Final question: what is the features difference between SFTPdll and FtpDLX? Does FtpDLX support all features of SFTPdll + plain FTP protocol? What could I miss if I will purchase FtpDLX instead of SFTPdll?
Re: sFTP overhead
Igor,
wodFtpDLX supports all three protocol (FTP, SFTP, FTPS).
You will not miss anything if you buy wodFtpDLX because SFTP protocol is included in wodFtpDLX.
Drazen
Re: sFTP overhead
Igor,
one small note - we actually do have wodFtpDLX available as regular DLL and even as static LIB. We do not sell it officialy, but I can send it to you if you order source code (you would need source code in that case, trust me), and we will help you integrate it with your product.
Although - in my opinion - COM DLL will perform just fine..
If you explain more what are you trying to achieve, perhaps I could be more helpful.
Regards.
Kreso
Re: sFTP overhead
Creso, I'd like to keep application portable. I know I can use COM version directly by invoking LoadLibrary + DllGetClassObject, but I'm afraid your component would try to access wodCertificate.dll by standard COM procedure. Am I right?
Re: sFTP overhead
Igor,
yes, that is correct. Remote certficate is shown as ICertifiate object.
Kreso
Re: sFTP overhead
Kreso,
I haven't yet studied general structure - do you access ICertificate yourself, or I can get an object and pass it to your component? In this case I can live without registration of libraries in system.
Maybe you can tweak code to support portable application - if object is not registered, try to access it directly from the dll lying in same folder?
Also, is there any chance of getting version without dependance on msvcrt.dll? Also, why there are 2 libraries for FTPdlx - can't wodCertificate functionality be incorporated into wodFtpDLX.dll? When making static-linked version it could save some space.
Finally, can I do all this myself if I will purchase sources - that is are sources you supply for full project, so I can use it to build both dlls myself?
Re: sFTP overhead
Igor,
if we move ActiveX/COM technology aside, we do have wodSFTPdll and wodFtpDLX built as regular dynamic or static libraries. We do not sell these - simply because this would introduce TOOOOO much techsupport issues without actual benefit (in terms of money, of course).. Yes, it's all about money after all :)
But when you purchase wodFtpDLX with the source (this is needed since you may need to make certain tweaks), I will include those libraries too, and will help you incorporate them into your project. We did have customers that did it before.
As for non-MSVCRT dependancy.. I am not sure if you can avoid MSVC6 to build libraries like that.
Where there are two libraries? Pick one :) One is windowless DLL, another is Explorer-Alike GUI OCX. Both are FTP components, but OCX one is nicer, it's a matter of choice which one to use.
It doesn't make sense to incorporate wodCertificate into wodFtpDLX since wodCertificate is shared between all our (SSL related) components, and not everyone use it anyway. If you don't need it, you can avoid distributing it completely.
Hope I helped.
Kreso
Re: sFTP overhead
Kreso,
By 2nd library I meant wodCertificate. I understood that I have to redistribute it too?
COM is just fine for me :), I just mean that it can be used without standard registration in system. I have tweaked one of your samples with 10 lines of code and it's working just fine with your dll in my app's folder and without any registration. If you need wodCertificate in runtime, you could do the same and let applications run from flash drive.
Re: sFTP overhead
Igor,
correct, you need to distribute wodCertificate, but only if you plan to use it. If you don't care about certificates, then just don't distribute it :)
Kreso
Re: sFTP overhead
Kreso,
Can I ask you to save me some time searching for docs - when would I need a certificate dll? I just need reading server content, getting and sending files to server - all these with FTP, SFTP and FTPS protocols.
Re: sFTP overhead
Igor,
you may need it if you want to show server certificate to your user, or if your user plan to authenticate with the certificate.
if you plan to do what most of us do when they connect - they trust the software and don't really care - then you don't need wodcertificate at all.
Kreso