AWS IoT connection time

lil_spli
Posts: 18
Joined: Wed May 31, 2017 9:56 am

AWS IoT connection time

Postby lil_spli » Wed Dec 13, 2017 11:46 am

Hi

We're building an application where the ESP32 comes out of deep sleep and needs to connect to AWS IoT. Speed is important here. Waking up and connecting to Wifi and getting an IP is taking about 2.5 seconds (which I'm assuming is as good as we're going to get). The main issue is that connecting to AWS IoT is then taking a further 3.5-4 seconds (with nothing else running), which is pretty slow. I'm aware that the handshake is probably taking a fair bit of that time and we might be limited, but I expected it to be quicker. In another part of the app we're establishing a DTLS connection and whilst I appreciate that's over UDP, the handshake is done much much quicker.

It could be that AWS is just slow, but are there any things I can look for an optimise within the ESP? I've tried configuring Wifi throughput and lWIP (with no improvement) and I'm going to look at ECC certs over RSA, but it's just too slow for our purposes.

Thanks

Simon

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: AWS IoT connection time

Postby ESP_Angus » Wed Dec 13, 2017 10:40 pm

Hi Simon,

If you enable debug output from mbedTLS, you'll probably find that most of this time is spent in the TLS handshake. Elliptic Curve ciphersuites (which AWS IoT require) are fairly computationally intensive, so there's a bit of work the ESP32 has to do there. If your DTLS connection uses a different cipher suite (ie RSA-based), this is probably the reason it is significantly faster.

The best thing you can probably do is increase the CPU speed to 240MHz if it's not there already. At 240MHz software MPI (bignumber acceleration) is usually faster than hardware (although it uses a little more RAM), so disable this option if it's enabled.

Angus

lil_spli
Posts: 18
Joined: Wed May 31, 2017 9:56 am

Re: AWS IoT connection time

Postby lil_spli » Thu Dec 14, 2017 1:45 pm

Thanks. I think the certs we're using are actually RSA, but I set it to software BigNum and it does seem to have shaved nearly a second off.

Are there any ways I could save time in the DHCP leasing? I think that's adding a couple of seconds after Wifi has connected.

Thanks


Simon

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: AWS IoT connection time

Postby ESP_Angus » Thu Dec 14, 2017 10:05 pm

lil_spli wrote:Thanks. I think the certs we're using are actually RSA, but I set it to software BigNum and it does seem to have shaved nearly a second off.
Ah, you're right! I had not enumerated the ciphersuites on an AWS IoT endpoint before.

If you're using a plain RSA ciphersuite already, it's probably the fastest from the available options - but you could try disabling EC suites and also GCM in the mbedTLS config, see if it makes a difference.
Are there any ways I could save time in the DHCP leasing? I think that's adding a couple of seconds after Wifi has connected.
This is a good idea, but unfortunately I don't think we have any built-in support for this at the moment. I've raised this internally as a suggestion to add, though.

Angus

lil_spli
Posts: 18
Joined: Wed May 31, 2017 9:56 am

Re: AWS IoT connection time

Postby lil_spli » Fri Dec 15, 2017 4:55 pm

Awesome. Disabling the ECC ciphers and GCM reduced the time to 2 seconds!

Thanks for the help


Simon

Who is online

Users browsing this forum: fb_iceg and 86 guests