Slow HTTPS on Nehalem Mac Pro

Discussion in 'Mac Pro' started by Kris Kelvin, Jul 27, 2017.

  1. Kris Kelvin, Jul 27, 2017
    Last edited: Aug 1, 2017

    Kris Kelvin macrumors regular

    Dec 28, 2005
    I've recently noticed a very strange phenomenon on my Mac Pro 2009 (flashed to MacPro5,1) with a Xeon W5590 (Nehalem) using macOS 10.12.6:
    • Slow downloads (5MB/s) over HTTPS in Safari and other Apple apps to some hosts (e.g. 102_hd_platforms_state_of_the_union.mp4)
    • Activity Monitor is reporting network activity of 50MB/s, as is the router. There is definitely 500MBit/s of traffic flowing to the computer (which is still too little, but way more than Safari claims to get).
    • `Safari Networking` consumes ~100% CPU (= 1 thread) while downloading
    • Happens in all user accounts of this machine (including fresh ones); happens on a fresh install of macOS 10.12.6 as well
    • The problem persists in Safe Boot
    • Plain HTTP is fine (100MB/s)
    • Chrome is fine (100MB/s)
    • Other computers in the same network are fine (100MB/s)
    • When using Charles proxy, the download looks normal, but seems to be CPU-limited to 15MB/s
    Looking at the call trace with Instruments, I see a lot of CPU time spent in AES decryption. My theory is that Apple at some point updated their TLS libraries to support Intel's AES-NI instruction set, which the Nehalem architecture lacks. Additionally, there seems to be some error in the fallback that leads to the weird behaviour I'm seeing (90% of traffic "lost").

    Does anyone with a Nehalem Mac Pro and a fast internet link see the same?

    Update: The 50MB/s number is accurate and no traffic is actually lost: When all data is transferred, Safari will finish the download with speeds > 500MB/s. The data is buffered in RAM (as can be seen by the growing memory consumption of the `Safari Networking` process).
  2. Kris Kelvin thread starter macrumors regular

    Dec 28, 2005
    So i did what every reasonable person would do: Upgrade the two W5590 to X5690!

    "Crypto Score" in Geekbench 4 jumped from 147 to 1636 in Single-Core mode.
    And indeed, HTTPS downloads in Safari are now 100MB/s+ (if the host delivers) and behave as they should.
  3. ActionableMango macrumors G3


    Sep 21, 2010
    Since Westmere procs do have AES-NI, it would seem your theory was correct then.

Share This Page