VPP TLS Plugin: Performance Enhancement With User Space Processing & Pipeline Support

The FD.io Vector Packet Processing (VPP) TLS plugin enhances performance through asynchronous, non-blocking operations.

By utilizing DPDK user space crypto drivers and the OpenSSL Engine framework, TLS crypto operations are asynchronously submitted to hardware, ensuring that the entire TLS processing occurs in user space. With EVP pipeline support, the DPDK crypto driver allows enqueueing of multiple TLS packets for encryption/decryption, leveraging DPDK burst APIs. Enhanced queue management further boosts efficiency.

Key Features:

Engine Registration: Supports multiple engines with specific algorithms for asynchronous operations. User Space Driver: Uses DPDK and OpenSSL Engine for hardware-offloaded, user space TLS processing. Event Handling: Employs an event-driven model for dynamic event management. Polling Mechanism: Monitors asynchronous operations with dedicated polling functions. Callback Functions: Handles completion of TLS operations efficiently. Queue Management: Separates handshake requests from read/write events, reducing contention and improving throughput and latency.

Advantages:

Reduced Contention: Separate queues for different operations enhance smooth processing. Increased Throughput: Parallel processing of operations boosts the number of TLS operations per second. Lower Latency: Faster processing of time-sensitive handshake operations.

These improvements make the VPP TLS plugin a robust solution for high-throughput, low-latency network environments.