From owner-freebsd-net@freebsd.org Sat Aug 11 01:47:17 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5311710558AA for ; Sat, 11 Aug 2018 01:47:17 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C7287852E0 for ; Sat, 11 Aug 2018 01:47:16 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id w7B1l7tP023824 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 10 Aug 2018 18:47:07 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id w7B1l71G023823; Fri, 10 Aug 2018 18:47:07 -0700 (PDT) (envelope-from jmg) Date: Fri, 10 Aug 2018 18:47:07 -0700 From: John-Mark Gurney To: "David P. Discher" Cc: "Andrey V. Elsukov" , freebsd-net@freebsd.org Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? Message-ID: <20180811014707.GB97145@funkthat.com> Mail-Followup-To: "David P. Discher" , "Andrey V. Elsukov" , freebsd-net@freebsd.org References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 11.0-RELEASE-p7 amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Fri, 10 Aug 2018 18:47:07 -0700 (PDT) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Aug 2018 01:47:17 -0000 David P. Discher wrote this message on Thu, Aug 09, 2018 at 13:11 -0700: > The documentation for using IPSec (especially if_ipsec) is really thin for freebsd, so I pieced some of this together from various posts and mailing lists threads. > > Is there no need for racoon ? How in this example is the IKE/ISAKMP setup done ? Is setkey doing this ? Yeah, it is... A few of us have sample config files floating around.. When I was doing testing I used: https://github.com/jmgurney/ipseccfgs > > On Aug 9, 2018, at 1:32 AM, Andrey V. Elsukov wrote: > > > > # kldload aesni > > # setkey -DF > > # setkey -c > > add 10.0.0.25 10.0.0.15 esp 10000 -m tunnel -u 16385 -E rijndael-cbc > > "0123456789123456"; > > add 10.0.0.15 10.0.0.25 esp 20000 -m tunnel -u 16385 -E rijndael-cbc > > "0123456789123456"; > > > > # sysctl net.inet.ipsec.async_crypto=0 > > net.inet.ipsec.async_crypto: 1 -> 0 > > This is 11.2-stable, shortly after release ??? I don???t have this sysctl. > > [ pts/0 sjc2 util201:~ ] > [ dpd ] > sysctl net.inet.ipsec > net.inet.ipsec.def_policy: 1 > net.inet.ipsec.esp_trans_deflev: 1 > net.inet.ipsec.esp_net_deflev: 1 > net.inet.ipsec.ah_trans_deflev: 1 > net.inet.ipsec.ah_net_deflev: 1 > net.inet.ipsec.ah_cleartos: 1 > net.inet.ipsec.dfbit: 0 > net.inet.ipsec.ecn: 0 > net.inet.ipsec.debug: 0 > net.inet.ipsec.filtertunnel: 0 > net.inet.ipsec.natt_cksum_policy: 0 > net.inet.ipsec.check_policy_history: 0 > net.inet.ipsec.crypto_support: 50331648 > > > > > On Aug 9, 2018, at 6:40 AM, John-Mark Gurney wrote: > > > > > > You don't show what ciphers you are using. It could be that you're > > using CBC mode, which is known to be slow, or that you're using a > > slow AH that is limiting performance, and not the cipher... > > > > Need to see your setkey.conf, or at least the output of setkey -D.. > > racoon.conf is : > > sainfo anonymous > { > pfs_group 2; > lifetime time 86400 seconds; > encryption_algorithm aes; > authentication_algorithm hmac_sha256; > compression_algorithm deflate; > } > > remote 10.245.0.202 [500] { > passive off; > my_identifier address 172.30.1.13; > exchange_mode main; > lifetime time 24 hour; > proposal { > encryption_algorithm aes; > hash_algorithm sha1; > authentication_method pre_shared_key; > dh_group 2; > }} > > > For some reason, I don???t think I can use AES-GCM on the juniper side, because of a combination of other required settings. I remember trying, but don???t remember why I can???t. > > > setkey.conf is : > > flush; > spdflush; > > spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P out ipsec esp/tunnel/10.245.0.201-10.245.0.202/unique:12; > spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P in ipsec esp/tunnel/10.245.0.202-10.245.0.201/unique:12; > spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P out ipsec esp/tunnel/10.245.0.201-10.245.0.203/unique:4; > spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P in ipsec esp/tunnel/10.245.0.203-10.245.0.201/unique:4; > > And that results in : > > [ pts/0 sjc2 util201:~ ] > [ dpd ] > sudo setkey -D > Password: > 10.245.0.201 10.245.0.202 > esp mode=tunnel spi=60080461(0x0394c14d) reqid=12(0x0000000c) > E: rijndael-cbc xxxx > A: hmac-sha2-256 xxxx Yeah, this is AES-CBC, and will always be slow on encryption, decryption will be fast though... To get max possible speed (per core), you can run: openssl speed -evp aes-128-cbc I believe that crypto will be single threaded on output, so you could try to enable net.inet.ipsec.async_crypto and see if that helps.. This will let your sending process be on one core while handing the encryption off to another thread... If you were running HEAD, you'd also get further improvements by there being multiple threads doing processing, but it looks like that change hasn't been MFC'd yet... Switching to SHA2-512 will also improve performance on 64bit systems... Also, check to make sure that the various processes are consuming 100% usage, and likely you'll see that.. Also, try running multiple streams to see if you get better performance, you should get signifcantly better performance as that'll split the work among multiple threads... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."