[Hipl-core] About the hipfw-performance branch

Christof Mroz Mon, 13 Sep 2010 10:11:18 -0700

This branch focuses on enhancing ESP forwarding throughput in hipfw by
setting up iptables rules for known destination/spi combinations rather
than looking these up in userspace every time. You may still revert to
the old behaviour by giving the -u option.


Here's some iperf output using two VMs running hipd connected by a VM
running hipfw:

=== trunk ===

------------------------------------------------------------
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
------------------------------------------------------------
[  4] local 2001:10:8453:d73e:de44:24de:51e:1e77 port 5001 connected
with 2001:11:2910:6a40:17f1:d819:d272:ea99 port 60265
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.3 sec  12.0 MBytes  9.80 Mbits/sec

------------------------------------------------------------
Client connecting to 2001:10:8453:d73e:de44:24de:51e:1e77, TCP port 5001
TCP window size: 16.0 KByte (default)
------------------------------------------------------------
[  3] local 2001:11:2910:6a40:17f1:d819:d272:ea99 port 60265 connected with 
2001:10:8453:d73e:de44:24de:51e:1e77 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.1 sec  12.0 MBytes  9.97 Mbits/sec

=== hipfw-performance ===

------------------------------------------------------------
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
------------------------------------------------------------
[  4] local 2001:10:8453:d73e:de44:24de:51e:1e77 port 5001 connected with 
2001:11:2910:6a40:17f1:d819:d272:ea99 port 50461
[ ID] Interval       Transfer     Bandwidth
[  4]  0.0-10.0 sec  21.1 MBytes  17.7 Mbits/sec

------------------------------------------------------------
Client connecting to 2001:10:8453:d73e:de44:24de:51e:1e77, TCP port 5001
TCP window size: 16.0 KByte (default)
------------------------------------------------------------
[  3] local 2001:11:2910:6a40:17f1:d819:d272:ea99 port 50461 connected with 
2001:10:8453:d73e:de44:24de:51e:1e77 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec  21.1 MBytes  17.7 Mbits/sec

Extensions more or less impaired by these patches and not tested so far:
- userspace_ipsec
        Always use old behaviour if enabled.
- relay
        No rules added for connections requesting because the packets
        need to be rewritten. Other connections should still benefit
        from speedup.
- LSI
        May probably be sped up too (packet marking).
- opportunistic mode
- midauth
- lightweight update

These are marked TODO in code for reference.

_______________________________________________
Mailing list: https://launchpad.net/~hipl-core
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~hipl-core
More help   : https://help.launchpad.net/ListHelp

[Hipl-core] About the hipfw-performance branch

Reply via email to