Netdev 0x17 venue

Vancouver, Canada

Previous editions

Netdev 0x16 (Lisbon, 2022)

Netdev 0x15 (Virtual, 2021)

Netdev 0x14 (Virtual, 2020)

Netdev 0x13 (Prague, 2019)

Netdev 0x12 (Montréal, 2018)

Netdev 2.2 (Seoul, 2017)

Netdev 2.1 (Montréal, 2017)

Netdev 1.2 (Tokyo, 2016)

Netdev 1.1 (Seville, 2016)

Netdev 0.1 (Ottawa, 2015)

Fosstodon

Netdev Conf

NETDEV VIDEOS

YouTube channel

Session

Multi-core IPsec tunnels

Speakers

Daniel Xu
Vlad Dumitrescu
Antony Antony

Label

Nuts and Bolts

Session Type

Talk

Contents

video

Description

Single pair Child Security Association (SA) IPsec tunnels, while being the de facto standard in network security, have a notable limitation: their design constrains them to a single CPU. This fails to take advantage of modern multi-core systems.

Our solution uses multiple identical child SAs which has the benefit that each stream has its own Sequence Number Counter, ensuring that CPUs don’t have to synchronize their crypto state or disable their packet replay protection.

This presentation will dive into the design, implementation, and performance of multi-child-SA IPsec tunnels.

Recent News

Group Booking Discount at Paradox Hotel
[Mon, 16, Oct. 2023]

Bronze Sponsor, Relianoid
[Fri, 06, Oct. 2023]

Registration is now Open
[Mon, 18, Sep. 2023]

Bronze Sponsor, NVIDIA
[Fri, 15, Sep. 2023]

Silver Sponsor, Intel®
[Tue, 12, Sep. 2023]

Important Dates

Closing of CFS	Aug 27th, 2023
Notification by	Sep 15th, 2023
Conference dates	Oct 30th - Nov 3rd, 2023