[strongSwan] Using multiple UDP sockets with SO_REUSEPORT option to increase high connection rate

Martin Willi martin at strongswan.org
Fri Mar 21 15:46:56 CET 2014

> And the single receiver thread becomes a bottleneck due to the high
> connection rate/setup rate.

The receiver job is rather trivial, only the IKE header is parsed and
some rate limiting is enforced for DoS protection. Any further
processing is delegated to the thread pool using that
process_message_job(). So I have my doubts that this is the bottleneck
you are actually looking for.

> Is it possible to create separate UDP sockets for each thread? The
> SO_REUSEPORT socket option allows multiple UDP sockets to be bound to
> the same port. With SO_REUSEPORT, multiple threads could each use
> recvfrom() on their own socket to accept datagrams arriving on the port.

Theoretically that is possible, but I'm not really sure if that helps to
fix the issues you are seeing.

When running your tests, what does your job queue in "ipsec statusall"
look like? If you have many jobs queued that don't get processed,
something else prevents charon from scaling properly on your platform.

