Hi
We're building an application where the ESP32 comes out of deep sleep and needs to connect to AWS IoT. Speed is important here. Waking up and connecting to Wifi and getting an IP is taking about 2.5 seconds (which I'm assuming is as good as we're going to get). The main issue is that connecting to AWS IoT is then taking a further 3.5-4 seconds (with nothing else running), which is pretty slow. I'm aware that the handshake is probably taking a fair bit of that time and we might be limited, but I expected it to be quicker. In another part of the app we're establishing a DTLS connection and whilst I appreciate that's over UDP, the handshake is done much much quicker.
It could be that AWS is just slow, but are there any things I can look for an optimise within the ESP? I've tried configuring Wifi throughput and lWIP (with no improvement) and I'm going to look at ECC certs over RSA, but it's just too slow for our purposes.
Thanks
Simon
AWS IoT connection time
Re: AWS IoT connection time
Hi Simon,
If you enable debug output from mbedTLS, you'll probably find that most of this time is spent in the TLS handshake. Elliptic Curve ciphersuites (which AWS IoT require) are fairly computationally intensive, so there's a bit of work the ESP32 has to do there. If your DTLS connection uses a different cipher suite (ie RSA-based), this is probably the reason it is significantly faster.
The best thing you can probably do is increase the CPU speed to 240MHz if it's not there already. At 240MHz software MPI (bignumber acceleration) is usually faster than hardware (although it uses a little more RAM), so disable this option if it's enabled.
Angus
If you enable debug output from mbedTLS, you'll probably find that most of this time is spent in the TLS handshake. Elliptic Curve ciphersuites (which AWS IoT require) are fairly computationally intensive, so there's a bit of work the ESP32 has to do there. If your DTLS connection uses a different cipher suite (ie RSA-based), this is probably the reason it is significantly faster.
The best thing you can probably do is increase the CPU speed to 240MHz if it's not there already. At 240MHz software MPI (bignumber acceleration) is usually faster than hardware (although it uses a little more RAM), so disable this option if it's enabled.
Angus
Re: AWS IoT connection time
Thanks. I think the certs we're using are actually RSA, but I set it to software BigNum and it does seem to have shaved nearly a second off.
Are there any ways I could save time in the DHCP leasing? I think that's adding a couple of seconds after Wifi has connected.
Thanks
Simon
Are there any ways I could save time in the DHCP leasing? I think that's adding a couple of seconds after Wifi has connected.
Thanks
Simon
Re: AWS IoT connection time
Ah, you're right! I had not enumerated the ciphersuites on an AWS IoT endpoint before.lil_spli wrote:Thanks. I think the certs we're using are actually RSA, but I set it to software BigNum and it does seem to have shaved nearly a second off.
If you're using a plain RSA ciphersuite already, it's probably the fastest from the available options - but you could try disabling EC suites and also GCM in the mbedTLS config, see if it makes a difference.
This is a good idea, but unfortunately I don't think we have any built-in support for this at the moment. I've raised this internally as a suggestion to add, though.Are there any ways I could save time in the DHCP leasing? I think that's adding a couple of seconds after Wifi has connected.
Angus
Re: AWS IoT connection time
Awesome. Disabling the ECC ciphers and GCM reduced the time to 2 seconds!
Thanks for the help
Simon
Thanks for the help
Simon
Who is online
Users browsing this forum: Bing [Bot], Majestic-12 [Bot] and 110 guests