| < draft-pwouters-ipsecme-multi-sa-performance-02.txt | draft-pwouters-ipsecme-multi-sa-performance-03.txt > | |||
|---|---|---|---|---|
| Network A. Antony | Network A. Antony | |||
| Internet-Draft secunet | Internet-Draft secunet | |||
| Intended status: Standards Track T. Brunner | Intended status: Standards Track T. Brunner | |||
| Expires: 16 April 2022 codelabs | Expires: 22 September 2022 codelabs | |||
| S. Klassert | S. Klassert | |||
| secunet | secunet | |||
| P. Wouters | P. Wouters | |||
| Aiven | Aiven | |||
| 13 October 2021 | 21 March 2022 | |||
| IKEv2 support for per-queue Child SAs | IKEv2 support for per-queue Child SAs | |||
| draft-pwouters-ipsecme-multi-sa-performance-02 | draft-pwouters-ipsecme-multi-sa-performance-03 | |||
| Abstract | Abstract | |||
| This document defines three Notify Message Type Payloads for the | This document defines three Notify Message Type Payloads for the | |||
| Internet Key Exchange Protocol Version 2 (IKEv2) indicating support | Internet Key Exchange Protocol Version 2 (IKEv2) indicating support | |||
| for the negotiation of multiple identical Child SAs to optimize | for the negotiation of multiple identical Child SAs to optimize | |||
| performance. | performance. | |||
| The CPU_QUEUES notification indicates support for multiple queues or | The CPU_QUEUES notification indicates support for multiple queues or | |||
| CPUs. The CPU_QUEUE_INFO notification is used to confirm and | CPUs. The CPU_QUEUE_INFO notification is used to confirm and | |||
| skipping to change at page 1, line 49 ¶ | skipping to change at page 1, line 49 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 16 April 2022. | This Internet-Draft will expire on 22 September 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| and restrictions with respect to this document. Code Components | and restrictions with respect to this document. Code Components | |||
| extracted from this document must include Simplified BSD License text | extracted from this document must include Revised BSD License text as | |||
| as described in Section 4.e of the Trust Legal Provisions and are | described in Section 4.e of the Trust Legal Provisions and are | |||
| provided without warranty as described in the Simplified BSD License. | provided without warranty as described in the Revised BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 | 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Performance bottlenecks . . . . . . . . . . . . . . . . . . . 3 | 2. Performance bottlenecks . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Negotiation of CPU specific Child SAs . . . . . . . . . . . . 3 | 3. Negotiation of CPU specific Child SAs . . . . . . . . . . . . 3 | |||
| 4. Implementation Considerations . . . . . . . . . . . . . . . . 5 | 4. Implementation Considerations . . . . . . . . . . . . . . . . 5 | |||
| 5. Payload Format . . . . . . . . . . . . . . . . . . . . . . . 6 | 5. Payload Format . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 5.1. CPU_QUEUES Notify Status Message Payload . . . . . . . . 6 | 5.1. CPU_QUEUES Notify Status Message Payload . . . . . . . . 6 | |||
| skipping to change at page 9, line 46 ¶ | skipping to change at page 9, line 46 ¶ | |||
| they see fit". | they see fit". | |||
| Authors are requested to add a note to the RFC Editor at the top of | Authors are requested to add a note to the RFC Editor at the top of | |||
| this section, advising the Editor to remove the entire section before | this section, advising the Editor to remove the entire section before | |||
| publication, as well as the reference to [RFC7942]. | publication, as well as the reference to [RFC7942]. | |||
| 8.1. Linux XFRM | 8.1. Linux XFRM | |||
| Organization: Linux kernel XFRM | Organization: Linux kernel XFRM | |||
| Name: XFRM-PCPU-v1 | Name: XFRM-PCPU-v2 | |||
| https://git.kernel.org/pub/scm/linux/kernel/git/klassert/linux- | https://git.kernel.org/pub/scm/linux/kernel/git/klassert/linux- | |||
| stk.git/log/?h=xfrm-pcpu-v1 | stk.git/log/?h=xfrm-pcpu-v2 | |||
| Description: An initial Kernel IPsec implementation of the per-CPU | Description: An initial Kernel IPsec implementation of the per-CPU | |||
| method. | method. | |||
| Level of maturity: Alpha | Level of maturity: Alpha | |||
| Coverage: Implements Fallback Child SA and per-CPU Child SAs. It | Coverage: Implements Fallback Child SA and per-CPU Child SAs. It | |||
| only supports the NETLINK API. The PFKEYv2 API is not supported. | only supports the NETLINK API. The PFKEYv2 API is not supported. | |||
| Licensing: GPLv2 | Licensing: GPLv2 | |||
| End of changes. 8 change blocks. | ||||
| 10 lines changed or deleted | 10 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||