Optimizing TLS for High–Bandwidth Applications in FreeBSD
نویسندگان
چکیده
Transport Layer Security (TLS) is becoming increasingly desirable and necessary in the modern Internet. Unfortunately it also induces heavy penalties on application CPU performance for both the client and server. In this paper we examine the server-side performance implications on CPU computational and data-movement overhead when enabling TLS on Netflix’s OpenConnect Appliance (OCA [1]) network. We then explore enhancements to FreeBSD to reduce the costs that TLS adds when serving high volumes of video traffic. Finally we describe recent changes and future improvements to FreeBSD’s OpenCrypto Framework that can be used to further improve performance.
منابع مشابه
Secure Channel Establishment in Disadvantaged Networks
Transport Layer Security (TLS) is a secure communication protocol that is used in many secure electronic applications. In order to establish a TLS connection, a client and server engage in a handshake, which usually involves the transmission of digital certificates. In this paper we present a practical speedup of TLS handshakes over bandwidth-constrained, high-latency (i.e. disadvantaged) links...
متن کاملExploiting Speculative Thread-Level Parallelism in Data Compression Applications
Although hardware support for Thread-Level Speculation (TLS) can ease the compiler’s tasks in creating parallel programs by allowing the compiler to create potentially dependent parallel threads, advanced compiler optimization techniques must be developed and judiciously applied to achieve the desired performance. In this paper, we take a close examination on two data compression benchmarks, GZ...
متن کاملDesign and Evaluation of a Method for Partitioning and Offloading Web-based Applications in Mobile Systems with Bandwidth Constraints
Computation offloading is known to be among the effective solutions of running heavy applications on smart mobile devices. However, irregular changes of a mobile data rate have direct impacts on code partitioning when offloading is in progress. It is believed that once a rate-adaptive partitioning performed, the replication of such substantial processes due to bandwidth fluctuation can be avoid...
متن کاملDisk Scheduling with Quality of Service Guarantees
This paper introduces YFQ, a new disk scheduling algorithm that allows applications to set aside for exclusive use portions of the disk bandwidth. We implemented YFQ as part of the Eclipse/BSD operating system, which is derived from FreeBSD, a version of 4.4 BSD Unix. YFQ’s disk bandwidth reservations can guarantee file accesses with high throughput, low delay, and good fairness. Such quality o...
متن کاملFiltering Power Divider/Combiner Based on Half Mode Substrate Integrated Waveguide (HMSIW) Technology for High Power Applications
A filtering power divider/power combiner based on half mode substrate integrated waveguide technology for high power applications is proposed. This design includes one half mode substrate integrated waveguide cavity, one matched load, and four sections of quarter-wavelength transmission lines. The high isolation between output ports is obtained by combining the half mode substrate integrated wa...
متن کامل