On Wed, Aug 6, 2014 at 7:12 AM, David Sommerseth <openvpn.l...@topphemmelig.net> wrote: > > With this in mind, it does make sense to split out the asymmetric > encryption phases to a separate core, which can allow other symmetric > encrypted traffic to flow more freely. > > But, this is just splitting stuff into 2 threads. Any modern > computers doesn't really have that *few* CPU cores. (Even cellphones > seems to have at least 4 cores these days). So even though the > benefit of using 2 threads will be noticed, it can be done better.
Every time I've seen a project that wasn't written to be thread-safe in the first place converted to use threads, it seems like it takes about 10 years for all of the bugs to be shaken out. > What *if* there are 3 "thread groups"? One of these groups is a > single thread which is a SSL state manager. It keeps tracks of all > keys being used, and which state each client is in. Then there is a > "thread group" with symmetric encryption work, which basically does > the real tunnelling and takes care of the network traffic flow. But > it receives the keying material from the SSL state manager thread. > And then last "thread group" is the one taking care of asymmetric > encryption and the key negotiations. I agree that threads could be more efficient, but I think there would be low-hanging fruit from just forking a pool of worker processes connected with sockets and having the main process hand off the slow part of the rekeying jobs off instead of backing up the main loop. > But! This is going to be a h*** of a lot of work. And almost > everything regarding the event management/scheduler and SSL code in > OpenVPN will be completely rewritten. In addition, it'll be a lot of > fun with the plug-ins and script support. I think you'd just have to add some plumbing to the existing code to talk to the forked instances. And with no worries about accidentally shared variables. -- Les Mikesell lesmikes...@gmail.com ------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users