ktls nginx not working

Jeffrey Walton noloader at gmail.com
Fri Jan 28 06:46:21 UTC 2022


On Thu, Jan 27, 2022 at 8:52 AM Anoop Alias <anoopalias01 at gmail.com> wrote:
>
> I am trying to implement/test ktls as per the blog article
>
> https://www.nginx.com/blog/improving-nginx-performance-with-kernel-tls/#tls-protocol
>
> ###########################
> This is done on CentOS8 VM
>
> # uname -r
> 4.18.0-348.7.1.el8_5.x86_64
> ###########################
> # openssl-3.0.1/.openssl/bin/openssl ciphers
> TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA

One small comment here... Typically you can reduce the advertised
cipher suites to reduce the size of the pdu. Use a cipher string like
"HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4". That gets you down to about
40 or 50 cipher suites (iirc), which takes up 80 or 100 bytes (each
cipher suite consumes 2 bytes in the client.hello).

You want to do what you can to keep those pdu's small. Also see
https://www.igvita.com/2013/12/16/optimizing-nginx-tls-time-to-first-byte/

> ###########################
> # /usr/sbin/nginx-debug -V
> nginx version: nginx/1.21.6
> built by gcc 8.5.0 20210514 (Red Hat 8.5.0-4) (GCC)
> built with OpenSSL 3.0.1 14 Dec 2021
> TLS SNI support enabled
> configure arguments: --with-debug --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/etc/nginx/modules --with-pcre=./pcre2-10.39 --with-pcre-jit --with-zlib=./zlib-1.2.11 --with-openssl=./openssl-3.0.1 --with-openssl-opt=enable-ktls --with-openssl-opt=enable-tls1_3 --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error_log

One small comment here... On x86_64 you should also use the OpenSSL
option enable-ec_nistp_64_gcc_128. It makes DH key exchange 2x to 4x
faster.

There are three conditions to use enable-ec_nistp_64_gcc_128, and
x86_64 satisfies them. Also see
https://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options.

Jeff



More information about the nginx mailing list