ChaCha20-Poly1305 Hardware assist/offload?
-
Hi all
Seeing that FreeBSD 14 is now at the core of pfSense in 23.01, and WireGuard's ChaCha20-Poly1305 cipher has been made available for both IPsec and OpenVPN DCO, where are we in terms of hardware acceleration of this stream cipher?
Is it supported at all at this point?
If so in which cases - AES-NI, QAT on Intel? SafeXcel on arm?
I know ChaCha20 is much faster (soft) on the CPU than traditional AES block ciphers, but still, Intel released benchmarks on Linux that showed WireGuard could see anything from 3 to 10X speed increase using AVX512 and QAT.
I would really like to switch to WireGuard for my Site 2 Site tunnels, but since I have SG-2100’s in the other end, performance is not on IPsec with SafeXcel hardware offload levels in 22.05. And the CPU is visibly taxed harder during heavy usage than AES128-GCM using SafeXcel.
Does 23.01 change any of this with FreeBSD14’s kernel support for WireGuard?
-
It doesn't change anything in terms of hardware acceleration. The crypto hardware SafeXcel attaches to cannot accelerate chacha poly.
Steve
-
@stephenw10 said in ChaCha20-Poly1305 Hardware assist/offload?:
> It doesn't change anything in terms of hardware acceleration. The crypto hardware SafeXcel attaches to cannot accelerate chacha poly.
> Steve

Thanks - good to know. How about QAT acceleration on x64? Is that done at this stage (not that it would help me)?
-
On amd64? QAT is enabled but I don't believe any of the currently supported hardware will accelerate chacha poly. See: https://man.freebsd.org/cgi/man.cgi?query=qat
That is coming in gen3 devices from what I can see. Driver support allowing. I don't have anything that supports it to test against yet.
-
> Seeing that FreeBSD 14 is now at the core of pfSense in 23.01, and WireGuard's ChaCha20-Poly1305 cipher has been made available for both IPsec and OpenVPN DCO, where are we in terms of hardware acceleration of this stream cipher?

There are rumours here and there, but not really something that will be available soon for usage.

> Is it supported at all at this point?

The new Intel Atom C5000 or P5000 SoC series will be sorted with QAT 2 or QAT 3 as I am informed.

> If so in which cases - AES-NI, QAT on Intel? SafeXcel on arm?

The DPDK has something right now "available", that is using the Intel QAT to support the ChaCha-Poly algorithm; as far as I know it is the only available source about it at this time.

"This patchset adds Chacha20-Poly1305 implementation to Intel QuickAssist Technology pmd."

> I know ChaCha20 is much faster (soft) on the CPU than traditional AES block ciphers, but still, Intel released benchmarks on Linux that showed WireGuard could see anything from 3 to 10X speed increase using AVX512 and QAT.

Linux is not FreeBSD, and FreeBSD is the underlying OS for pfSense. They are both "unixoide" OS but nothing more.

> I would really like to switch to WireGuard for my Site 2 Site tunnels, but since I have SG-2100’s in the other end,

The ARM architecture is different from the x86_64 and also comes with its own crypto unit; it's strong and powerful but not the same as Intel QAT.