


I know this is about BSD, so somewhat off-topic, but it still shows that most of the context switch complexity can be avoided while not reinventing the wheel in user-space. I recommend reading the paper of the original author; it's fascinating IMO. Note that with Linux a lot of the context switch overhead can be avoided by leveraging the state-of-the-art async framework io_uring; BSD may already have or get something similar. WireGuard also provides fast, code-lean and modern VPN technology. But again, it's work to create and maintain and only feasible for specialized stuff. The open-source firewall pfSense also offers a VPN server with which, for example.

Some NICs support loading a smaller program to operate directly on the NIC, e.g., through eBPF - nothing gets faster than that, as it avoids (some) traffic hitting the CPU at all. It is faster if you make it so, i.e., you need to invest quite some work to get to a point where it's faster than the kernel - but yeah, with that you can make it go brrrrrrrt in quite a few use cases; it's more like an SDK. Throwing out a few points regarding DPDK/low overhead data/event exchange between kernel and userspace:
