freebsd-skq

History

eri aa0e535a51 Reduce overhead of IPSEC for traffic generated from host When IPSEC is enabled on the kernel the forwarding path has an optimization to not enter the code paths for checking security policies but first checks if there is any security policy active at all. The patch introduces the same optimization but for traffic generated from the host itself. This reduces the overhead by 50% on my tests for generated host traffic without and SP active. Differential Revision: https://reviews.freebsd.org/D2980 Reviewed by: ae, gnn Approved by: gnn(mentor)		2015-07-03 15:31:56 +00:00
..
ah_var.h
ah.h
esp_var.h
esp.h
ipcomp_var.h
ipcomp.h
ipsec6.h
ipsec_input.c
ipsec_mbuf.c
ipsec_output.c
ipsec.c	Reduce overhead of IPSEC for traffic generated from host	2015-07-03 15:31:56 +00:00
ipsec.h
key_debug.c
key_debug.h
key_var.h
key.c	drop key_sa_stir_iv as it isn't used...	2015-06-11 13:05:37 +00:00
key.h	drop key_sa_stir_iv as it isn't used...	2015-06-11 13:05:37 +00:00
keydb.h
keysock.c	Remove unneded mbuf length adjustment, M_PREPEND() already did that.	2015-05-19 17:14:27 +00:00
keysock.h
xform_ah.c
xform_esp.c
xform_ipcomp.c
xform_tcp.c
xform.h