Bayan 'yan kwanaki da suka gabata lMasu haɓaka OpenVPN sun fito labarai cewa sun bullo da manhajar kernel mai suna "ovpn-dco" wanda babban aikin sa shine haɓaka aikin VPN sosai.
Kodayake module har yanzu yana ci gaba a cikin reshen linux-gaba kuma yana da matsayin na gwaji, ya riga ya kai matakin kwanciyar hankali wanda ya ba da damar amfani da shi don tabbatar da aikin OpenVPN.
Idan aka kwatanta da tun-tushen sanyi, amfani da module a kan abokin ciniki da gefen uwar garke tare da amfani da ɓoyayyen AES-256-GCM ya ba da damar haɓaka sau 8 a cikin aikin (daga 370 Mbit / s zuwa 2950 Mbit s).
Lokacin amfani da ƙirar kawai a gefen abokin ciniki, wasan kwaikwayon ya ninka sau uku don zirga -zirgar waje kuma baya canzawa don zirga -zirgar shiga. Lokacin amfani da ƙirar kawai a gefen sabar, ana ninka yawan kayan ta hanyar 4 don zirga -zirgar shigowa da 35% don zirga -zirgar waje.
Tsaro yana ɗaya daga cikin mahimman abubuwan da za a yi la’akari da su lokacin kan layi. Da zarar amintattun hanyoyin sadarwarku na kan layi suna tare da ɓoyewa, zai fi kyau. Rufaffen bayanai ya rage saurin sarrafa kwamfuta a baya, wanda ya inganta tare da CPUs na zamani. Amma za mu iya yin ƙarin. OpenVPN ya ƙaddamar da sabon ci gaba wanda zai haɓaka saurin ga masu amfani da shi lokacin ƙarewar kernel: OpenVPN Data Channel Offload (DCO).
Ana samun hanzari ta hanyar motsa duk ayyukan crypto, sarrafa fakiti da sarrafa tashar zuwa kernel na Linux, yana kawar da haɗin gwiwa Tare da sauyawa mahallin, yana ba da damar daidaita aikin ta hanyar samun dama ga kernel na API ɗin kai tsaye kuma yana kawar da jinkirin canja wurin bayanai tsakanin kernel da sararin mai amfani. (Module ɗin yana yin ɓoyewa, ɓoyewa, da juyawa ba tare da aika zirga -zirga zuwa mai sarrafawa a cikin sararin mai amfani ba.)
Ya kamata a lura cewa mummunan tasiri akan aikin VPN galibi saboda ayyukan ɓoyayyen ɓoyayyun abubuwa ne da ke cinye albarkatu da yawa da jinkirin da mahallin ke canzawa. An yi amfani da haɓaka kayan sarrafawa kamar Intel AES-NI don hanzarta ɓoye ɓoye, amma sauye-sauyen mahallin har yanzu sun kasance ƙalubale kafin ovpn-dco.
Baya ga yin amfani da umarnin da injin ɗin ya bayar don hanzarta ɓoyayyen ɓoyayyen tsari, tsarin ovpn-dco kuma yana ba da rarrabuwa na ayyukan ɓoyewa zuwa sassa daban-daban da sarrafa su a cikin yanayin da aka haɗa da yawa, wanda ke ba da damar amfani da duk kayan aikin CPU da ke akwai.
Don VPN mai amfani-sarari, kamar OpenVPN, rufaffen ɓoyewa da juzu'in mahallin yana iyakance saurin gudu. Tare da CPUs na zamani, an inganta ɓoyayyen ɓoyayyen ɓoyayyiya ta hanyar haɓakawa kamar Intel AES-NI, wanda hakan yana haɓaka saurin sauri ga masu amfani da OpenVPN.
Amma wuce kima tare da juzu'in mahallin har yanzu ana buƙatar magance shi. Kamar yadda saurin Intanet na sirri da kasuwanci ke ƙaruwa kuma aikace -aikacen suna amfani da ƙarin bandwidth, masu amfani suna tsammanin saurin sauri tare da sadarwar kan layi. Sabili da haka, tasirin waɗannan sama -sama ya zama sananne.
Daga iyakokin yanzu waɗanda aka ambata daga aiwatarwa waɗanda kuma za a kawar da su nan gaba, kawai Hanyoyin AEAD da 'babu' (ba tare da tantancewa ba) da AES-GCM da CHACHA20POLY1305 ciphers.
An kuma ambata cewa Ana shirin tallafawa DCO don haɗawa cikin sakin sigar Buɗe VPN 2.6, wanda aka shirya don kwata na huɗu na wannan shekara. A halin yanzu, ƙirar tana goyan bayan OpenVPN3 abokin ciniki beta na Linux mai buɗewa da gwajin gwaji na sabar OpenVPN don Linux. Hakanan ana samar da irin wannan tsarin ovpn-dco-win don kernel na Windows.
Finalmente idan kuna sha'awar ƙarin sani game da shi game da bayanin kula, zaku iya bincika bayanan A cikin mahaɗin mai zuwa.