How to improve SSL/TLS performance with kTLS offload

SSL_set_options(fd, SSL_OP_ENABLE_KTLS); 
# wget
# tar -xvzf openssl-3.0.0.tar.gz
# cd openssl-3.0.0
# ./Configure --prefix=/home/netlox/source/ssl --openssldir=/home/netlox/source/ssl enable-ktls '-Wl,-rpath,$(LIBRPATH)'
# make
# make install
# git clone
# cd iperf_ssl
# ./
# ./ /home/netlox/source/ssl
Server Mode
# src/iperf iperf --tls=v1.2 --ktls -s
Client Mode
# src/iperf --tls=v1.2 --ktls -c <ip> -t 60 -i 1
# ethtool -K <interface-name> tls-hw-tx-offload on
# ethtool -K <interface-name> tls-hw-rx-offload on
Kernel kTLS stats :
# cat /proc/net/tls_stat
Offloaded kTLS stats :
# ethtool -S <interface-name> | grep tls




Marketing and Communications @ Netlox

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Best Multi-Vendor Marketplace Platforms To Try Out in 2020 for your eCommerce Store

Best Multi-Vendor Marketplace Platforms

Investigating Machine Learning Techniques to Improve Spec Tests — IV

How to Create Emails to Cross-Sell Other Products

10 signs of a mature development pipeline

The complexity of Backend

How To Make Sure Your UX Is Lightning Fast

My First Dive Into Open Source

Building Composite Architecture

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Marketing and Communications @ Netlox

More from Medium

SOC143-Password Stealer Detected walkthrough

Getter and Setter, Late-Initialized Properties, Interface, Visibility Modifiers, Extension…

MatrixETF Set

Liya Shuster-Bier: “Making Cancer Less Lonely” with Alula