Recently, we have seen an evolution of programmable network devices, where it is possible to customize packet processing inside the data plane at an unprecedented level. This is in contrast to traditional approaches, where networking device functionality is fixed and defined by the ASIC and customers need to wait possibly years before the vendors release new versions that add features required by customers. The vendors in the industry have adapted and the focus has shifted to offering new types of network devices, such as the SmartNIC, IPU, and DPU. Another major paradigm shift in the networking area is the shift towards protocols that encrypt parts of headers and contents of packets such as QUIC. Also, many devices such as smart phones have support for multiple access networks, which requires efficient multipath protocols to leverage the capabilities of multiple networks at the same time. However, when using protocols inside the network that requires encryption such as QUIC or multipath QUIC, packet processing operations for the en/decryption process are very resource intensive. Consequently, network vendors and operators are in need to accelerate and offload crypto operations to dedicated hardware in order to free CPU cycles for business critical operations. Therefore, the aim of this study is to investigate how multipath QUIC can be offloaded or hardware accelerated in order to reduce the CPU utilization on the server. Our contributions are an evaluation of frameworks, programming languages and hardware devices in terms of crypto offloading functionality. Two packet processing offloading prototypes were designed using the DPDK framework and the programming language P4. The design using DPDK was implemented and evaluated on a BlueField 2 DPU. The offloading prototype handles a major part of the packet processing and the crypto operations in order to reduce the load of the user application running on the host. A evaluation show that the throughput when using larger keys are only slightly decreased. The evaluation gives important insights in the need of crypto engines and/or CPUs with high performance when offloading.
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:kau-90809 |
Date | January 2022 |
Creators | Alfredsson, Rebecka |
Publisher | Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), Karlstads universitet, Avdelningen för datavetenskap |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf, application/pdf |
Rights | info:eu-repo/semantics/openAccess, info:eu-repo/semantics/openAccess |
Page generated in 0.0021 seconds