openvpn and system overhead
Wojciech Puchar
wojtek at puchar.net
Fri Apr 19 17:18:07 UTC 2019
>> from/to tun device, as well as send/recv would have multipacket version -
>> it would mean speeding it up at least 4 times.
>
> Well, FreeBSD does have sendmmsg()/recvmmsg(), which allows for
> sending/receiving multiple packets per system call. I do not know if
> the "tun" device allows for send/recv type processing, or just
> read/write.
>
i will have a look at openvpn code next weekend.
tun doesn't have this but this would bit still a bit speedup.
> Don't get me wrong -- having in-kernel processing, like ipsec does, is far
> superior to doing it as a userland daemon, IMHO. Just pointing out
Having everything in kernel isn't superior.
Having low overhead system call interface would be. Sad to say but system
call overhead in FreeBSD is high.
More information about the freebsd-hackers
mailing list