Overall status and goals

110 views
Skip to first unread message

Alan Hannan

unread,
Nov 8, 2015, 12:39:20 PM11/8/15
to highspeedencryption
This group forms out of a discussion on hacker news around 7-November, 2015.

Several folks are interested in getting ~10gbps traffic encrypted between two servers, and there is a dearth of empirical examples or how tos on how to do it.

Several clear references are made to ~2.5gbps posted by epistasis to strongswan comments that recommend a way to get 2.5gbps:


For others who are interested, here's a thread that culminates in the 2.5Gbps number:

http://permalink.gmane.org/gmane.linux.network/280175

And here's some StrongSwan documentation about getting there:

https://wiki.strongswan.org/projects/strongswan/wiki/Pcrypt


There are a few things unclear to me:

1.  By itself, with the per-flow encryption only work on a single cpu, or will it load share across cpus?
2.  If we setup parallel ipsec tunnels, how can we reliably load balance across them with minimal work
3.  Will cpu masking/affinity help us load share

Appreciate everyone's thoughts and inputs.

Best,

Alan

Alan Hannan

unread,
Nov 8, 2015, 12:48:58 PM11/8/15
to highspeedencryption

1.  By itself, with the per-flow encryption only work on a single cpu, or will it load share across cpus?


https://wiki.strongswan.org/projects/strongswan/wiki/Pcrypt  explains that it will load share with certain module and configuration:

Parallel Crypto Engine for the Linux Kernel

The Linux kernel encrypts and decrypt IPsec packets on a single CPU core only by default. Since 2.6.34 the pcrypt module (CONFIG_PCRYPT) allows parallelizing this to all available cores.

The module may be loaded with modprobe pcrypt.

Instantiating Algorithm Drivers

To actually use pcrypt, specific crypto drivers must be instantiated with tcrypt or crconf.

tcrypt

The crypto testing module tcrypt (CONFIG_CRYPTO_TEST) is intended for self-testing algorithm implementations, but may be used to instantiate crypto algorithms.

For instance, to parallelize IPsec SAs that use AES with SHA-256 use this (type 3 is AEAD):

modprobe tcrypt alg="pcrypt(authenc(hmac(sha256),cbc(aes)))" type=3

This command is expected to fail with something like:

modprobe: ERROR: could not insert 'tcrypt': Resource temporarily unavailable

To parallelized AES-GCM the following may be used:

modprobe tcrypt alg="pcrypt(rfc4106(gcm(aes)))" type=3

It's also possible to select a specific implementation of the algorithms, the most efficient implementation should usually be selected automatically, though:

modprobe tcrypt alg="pcrypt(rfc4106(gcm(aes-aesni)))" type=3
 

cva...@gmail.com

unread,
Nov 8, 2015, 9:10:52 PM11/8/15
to highspeedencryption
Some background on the pcrypt setup is found in Steffan Klassen's slide deck here:


It appears that he's the author of pcrypt.
Reply all
Reply to author
Forward
0 new messages