IKEv2 support for per-queue Child SAs
draft-pwouters-multi-sa-performance-01
Document | Type |
Replaced Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Antony Antony , Steffen Klassert , Paul Wouters | ||
Last updated | 2021-02-22 | ||
Replaced by | draft-pwouters-ipsecme-multi-sa-performance | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Replaced by draft-pwouters-ipsecme-multi-sa-performance | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document defines two Notification Payloads for the Internet Key Exchange Protocol Version 2 (IKEv2): NUM_QUEUES and QUEUE_INFO. These payloads add support for indicating that the negotiating of multiple identical Child SAs are to be used to optimize performance based on the number of queues or CPUs, or to create multiple Child SAs for different Quality of Service (QoS) levels. It indicates that a newer idetnical Child SA should not be interpreted as a replacement Child SA. Using multiple identical Child Sa's has the benefit that each stream has its own Sequence Number, ensuring that CPU's don't have to synchronize their crypto state or disable their packet replay detection.
Authors
Antony Antony
Steffen Klassert
Paul Wouters
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)