jedisct1
commented
2 years ago Hi!
dsvpn is always single threaded. What you may see on the server is the Linux kernel automatically switching processes from one core to another.
Making it multi-threaded would add a lot of complexity, and if performance is the issue, replacing the encryption algorithm may be more efficient.
You can also reduce the number rounds by defining a XOODOO_ROUNDS variable. The default is 12, but you can go as low as 6; this remains safe against the currently best known practical attacks.
vochong
Hi Frank,
I did some performance tests for DSVPN on RPI 4b running 64-bit Linux (aarch64). It can handle about 200 Mbps TCP traffic (using iperf3).
However, I noticed that DSVPN seemed to use only 1 core (out of 4 cores for RPI 4b) for encryption/decryption. On the peer machine (Intel i5-6300U), DSVPN did use all 4 cores for processing. I'm wondering why DSVPN used only 1 core on RPI4b.
Thanks!