[strongSwan] Problem with pcrypt

Sven Anders anders at anduras.de
Fri Sep 15 19:17:18 CEST 2017


Hello!

I setup StrongSwan and I am currently performing some throughput tests.

I have two VM-Ware ESXi servers and on each of these is a VM running Ubuntu 16.04.
Each VM has 8 virtual CPUs. The VM-Ware servers are interconnected with an 10G link.
The performance on the link is about ~500 MBytes/s. This is because there currently
other productive instances running in parallel. Without these I will get about
~950 MBytes/s. But this should be enough for my tests...


Now my problem:

If I run the IPSec connection without the pcrypt module loaded, I will get the
following throughput:

> ./netperf -H 192.168.184.250 -fM -D 5 -c 1 -C 1 -l 30
Recv   Send    Send                          Utilization       Service Demand
Socket Socket  Message  Elapsed              Send     Recv     Send    Recv
Size   Size    Size     Time     Throughput  local    remote   local   remote
bytes  bytes   bytes    secs.    MBytes  /s  % S      % S      us/KB   us/KB

 87380  16384  16384    30.01       152.25   10.52    6.21     5.397   3.186
 87380  16384  16384    30.00       157.79   11.05    7.82     5.469   3.872
 87380  16384  16384    30.01       167.69   11.94    6.79     5.560   3.162
 87380  16384  16384    30.00       165.32   11.82    7.19     5.585   3.398

If I run this with the pcrypt module loaded, I will get the following throughput:

> ./netperf -H 192.168.184.250 -fM -D 5 -c 1 -C 1 -l 30
Recv   Send    Send                          Utilization       Service Demand
Socket Socket  Message  Elapsed              Send     Recv     Send    Recv
Size   Size    Size     Time     Throughput  local    remote   local   remote
bytes  bytes   bytes    secs.    MBytes  /s  % S      % S      us/KB   us/KB

 87380  16384  16384    30.02        93.67   21.12    17.45    17.615  14.557
 87380  16384  16384    30.02        87.30   21.81    17.14    19.515  15.338
 87380  16384  16384    30.02        90.50   21.23    4.29     18.324  3.706
 87380  16384  16384    30.02        92.18   20.97    4.19     17.771  3.548

[Beware: All throughput values are in MBytes/s not Mbits/s !]

Can anybody explain this?
I expected the throughput to increase not to decrease...

I loaded the pcrypt module with:

  modprobe tcrypt alg="pcrypt(rfc4106(gcm(aes)))" type=3

(and restarted strongswan with "systemctrl restart strongswan")

I played with the "replay_window" option (tried 0 and 64), but it did not help.

What could cause this slowdown?

Any kind of help is appreciated...

Regards
 Sven


This is my configuration:
-------------------------

# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
conn %default
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        keyexchange=ikev2
        mobike=no
        esp=aes256gcm16!
conn net-net
        left=10.10.99.1
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
        leftsubnet=192.168.183.0/24
        leftfirewall=yes
        right=10.10.99.2
        rightid=@sun.strongswan.org
        rightsubnet=192.168.184.0/24
        auto=add
	replay_window=0

(Same on the other side, just the IPs swapped and with the sunCert.pem certificate ...)

My strongswan output:

charon[4392]: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-93-generic, x86_64)
charon[4392]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
charon[4392]: 00[CFG]   loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
charon[4392]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
charon[4392]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
charon[4392]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
charon[4392]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
charon[4392]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
charon[4392]: 00[CFG]   loaded RSA private key from '/etc/ipsec.d/private/moonKey.pem'
charon[4392]: 00[CFG]   loaded IKE secret for @moon.strongswan.org @sun.strongswan.org
charon[4392]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
charon[4392]: 00[CFG] loaded 0 RADIUS server configurations
charon[4392]: 00[LIB] loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8
pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark farp stroke updown
eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius
eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp lookip error-notify
certexpire led addrblock unity
charon[4392]: 00[LIB] dropped capabilities, running as uid 0, gid 0
charon[4392]: 00[JOB] spawning 16 worker threads
ipsec_starter[4391]: charon (4392) started after 40 ms
charon[4392]: 06[CFG] received stroke: add connection 'net-net'
charon[4392]: 06[CFG]   loaded certificate "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" from 'moonCert.pem'
charon[4392]: 06[CFG] added configuration 'net-net'
charon[4392]: 06[CFG] received stroke: initiate 'net-net'
charon[4392]: 07[IKE] initiating IKE_SA net-net[1] to 10.10.99.2
charon[4392]: 07[IKE] initiating IKE_SA net-net[1] to 10.10.99.2
charon[4392]: 07[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
charon[4392]: 07[NET] sending packet: from 10.10.99.1[500] to 10.10.99.2[500] (1124 bytes)
charon[4392]: 09[NET] received packet: from 10.10.99.2[500] to 10.10.99.1[500] (481 bytes)
charon[4392]: 09[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) N(MULT_AUTH) ]
charon[4392]: 09[IKE] received cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
charon[4392]: 09[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
charon[4392]: 09[IKE] authentication of 'moon.strongswan.org' (myself) with RSA_EMSA_PKCS1_SHA256 successful
charon[4392]: 09[IKE] sending end entity cert "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
charon[4392]: 09[IKE] establishing CHILD_SA net-net
charon[4392]: 09[IKE] establishing CHILD_SA net-net
charon[4392]: 09[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) ]
charon[4392]: 09[NET] sending packet: from 10.10.99.1[500] to 10.10.99.2[500] (1596 bytes)
charon[4392]: 10[NET] received packet: from 10.10.99.2[500] to 10.10.99.1[500] (1532 bytes)
charon[4392]: 10[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH SA TSi TSr N(AUTH_LFT) ]
charon[4392]: 10[IKE] received end entity cert "C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
charon[4392]: 10[CFG]   using certificate "C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
charon[4392]: 10[CFG]   using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
charon[4392]: 10[CFG] checking certificate status of "C=CH, O=Linux strongSwan, CN=sun.strongswan.org"
charon[4392]: 10[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
charon[4392]: 10[LIB] unable to fetch from http://crl.strongswan.org/strongswan.crl, no capable fetcher found
charon[4392]: 10[CFG] crl fetching failed
charon[4392]: 10[CFG] certificate status is not available
charon[4392]: 10[CFG]   reached self-signed root ca with a path length of 0
charon[4392]: 10[IKE] authentication of 'sun.strongswan.org' with RSA_EMSA_PKCS1_SHA256 successful
charon[4392]: 10[IKE] IKE_SA net-net[1] established between 10.10.99.1[moon.strongswan.org]...10.10.99.2[sun.strongswan.org]
charon[4392]: 10[IKE] IKE_SA net-net[1] established between 10.10.99.1[moon.strongswan.org]...10.10.99.2[sun.strongswan.org]
charon[4392]: 10[IKE] scheduling reauthentication in 3279s
charon[4392]: 10[IKE] maximum IKE_SA lifetime 3459s
charon[4392]: 10[IKE] CHILD_SA net-net{1} established with SPIs c70d5aba_i cb7e5654_o and TS 192.168.183.0/24 === 192.168.184.0/24
charon[4392]: 10[IKE] CHILD_SA net-net{1} established with SPIs c70d5aba_i cb7e5654_o and TS 192.168.183.0/24 === 192.168.184.0/24
vpn[4421]: + sun.strongswan.org 192.168.184.0/24 == 10.10.99.2 -- 10.10.99.1 == 192.168.183.0/24
charon[4392]: 10[IKE] received AUTH_LIFETIME of 3391s, scheduling reauthentication in 3211s

> ipsec statusall
Status of IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-93-generic, x86_64):
  uptime: 28 minutes, since Sep 15 18:34:16 2017
  malloc: sbrk 2727936, mmap 0, used 616576, free 2111360
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 3
  loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey
sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim
eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls
eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp lookip error-notify certexpire led
addrblock unity
Listening IP addresses:
  10.10.133.101
  10.10.99.1
  192.168.183.250
Connections:
     net-net:  10.10.99.1...10.10.99.2  IKEv2
     net-net:   local:  [moon.strongswan.org] uses public key authentication
     net-net:    cert:  "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
     net-net:   remote: [sun.strongswan.org] uses public key authentication
     net-net:   child:  192.168.183.0/24 === 192.168.184.0/24 TUNNEL
Security Associations (1 up, 0 connecting):
     net-net[1]: ESTABLISHED 28 minutes ago, 10.10.99.1[moon.strongswan.org]...10.10.99.2[sun.strongswan.org]
     net-net[1]: IKEv2 SPIs: 98a6d3eeeaf1f9c0_i* a25f94aff1cdec12_r, public key reauthentication in 25 minutes
     net-net[1]: IKE proposal: AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
     net-net{2}:  INSTALLED, TUNNEL, reqid 1, ESP SPIs: c0b03d25_i c07fc07c_o
     net-net{2}:  AES_GCM_16_256/ESN, 94353752 bytes_i, 5965332882 bytes_o, rekeying in 11 seconds
     net-net{2}:   192.168.183.0/24 === 192.168.184.0/24
     net-net{3}:  INSTALLED, TUNNEL, reqid 1, ESP SPIs: c770da0f_i c8fe02d2_o
     net-net{3}:  AES_GCM_16_256/ESN, 0 bytes_i, 0 bytes_o, rekeying in 11 minutes
     net-net{3}:   192.168.183.0/24 === 192.168.184.0/24

> ip xfrm state
src 10.10.99.1 dst 10.10.99.2
	proto esp spi 0xc07fc07c reqid 1 mode tunnel
	replay-window 0 flag af-unspec
	aead rfc4106(gcm(aes)) 0xcbcc5acbe14362c202a98286a72ea9b25f2f054435413c7097e476ed3e7c6d0b5d6c6f1d 128
	anti-replay context: seq 0x0, oseq 0x3ef313, bitmap 0x00000000
src 10.10.99.2 dst 10.10.99.1
	proto esp spi 0xc0b03d25 reqid 1 mode tunnel
	replay-window 0 flag af-unspec
	aead rfc4106(gcm(aes)) 0x58ae85c2c38b8102aabc3d8f14d62988e8935ebbc84a83eff13a3bd831a5fa1b36768b3b 128
	anti-replay context: seq 0x0, oseq 0x0, bitmap 0x00000000

> cat /proc/crypto | grep -C10 pcrypt
name         : seqiv(rfc4106(gcm(aes)))
driver       : seqiv(pcrypt(rfc4106-gcm-aesni))
module       : seqiv
priority     : 500
refcnt       : 6
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 16
geniv        : <none>

name         : rfc4106(gcm(aes))
driver       : pcrypt(rfc4106-gcm-aesni)
module       : pcrypt
priority     : 500
refcnt       : 6
selftest     : passed
internal     : no
type         : aead
async        : yes
blocksize    : 1
ivsize       : 8
maxauthsize  : 16
geniv        : <none>

> cpuinfo (8 CPUs for each VM instance):

processor	: 7
vendor_id	: GenuineIntel
cpu family	: 6
model		: 79
model name	: Intel(R) Xeon(R) CPU E5-2630 v4 @ 2.20GHz
stepping	: 1
microcode	: 0xb00001f
cpu MHz		: 2197.455
cache size	: 25600 KB
physical id	: 14
siblings	: 1
core id		: 0
cpu cores	: 1
apicid		: 14
initial apicid	: 14
fpu		: yes
fpu_exception	: yes
cpuid level	: 20
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm
constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic
movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch epb fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 invpcid
rtm rdseed adx smap xsaveopt dtherm ida arat pln pts
bugs		:
bogomips	: 4394.91
clflush size	: 64
cache_alignment	: 64
address sizes	: 42 bits physical, 48 bits virtual
power management:

> ip xfrm policy
src 192.168.184.0/24 dst 192.168.183.0/24
	dir fwd priority 2883
	tmpl src 10.10.99.2 dst 10.10.99.1
		proto esp reqid 1 mode tunnel
src 192.168.184.0/24 dst 192.168.183.0/24
	dir in priority 2883
	tmpl src 10.10.99.2 dst 10.10.99.1
		proto esp reqid 1 mode tunnel
src 192.168.183.0/24 dst 192.168.184.0/24
	dir out priority 2883
	tmpl src 10.10.99.1 dst 10.10.99.2
		proto esp reqid 1 mode tunnel
src 0.0.0.0/0 dst 0.0.0.0/0
	socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
	socket out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
	socket in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
	socket out priority 0
src ::/0 dst ::/0
	socket in priority 0
src ::/0 dst ::/0
	socket out priority 0
src ::/0 dst ::/0
	socket in priority 0
src ::/0 dst ::/0
	socket out priority 0




-- 
 Sven Anders <anders at anduras.de>                 () UTF-8 Ribbon Campaign
                                                 /\ Support plain text e-mail
 ANDURAS intranet security AG
 Messestrasse 3 - 94036 Passau - Germany
 Web: www.anduras.de - Tel: +49 (0)851-4 90 50-0 - Fax: +49 (0)851-4 90 50-55

Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety.
  - Benjamin Franklin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: anders.vcf
Type: text/x-vcard
Size: 339 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170915/d809b9c3/attachment.vcf>


More information about the Users mailing list