
Kernel TLS, NIC Offload, and Socket Sharding: What’s New and Who Uses It?
Modern servers are expected to push hundreds of gigabits per second while keeping latency low and CPU use manageable. Two kernel-level innovations, socket sharding and kernel TLS (kTLS), help make that possible. When paired with NIC TLS offload, the gains are even bigger.

Socket Sharding

Traditionally, only one process could accept() connections from a TCP socket. With Linux 4.5 (2016) and SO_REUSEPORT enhancements, multiple processes can share a listening socket. This “socket sharding” lets the kernel distribute connections efficiently across worker processes. ...
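The sharding behaviour described above, as an added example that is not part of the original article: several listeners bind the same loopback port with SO_REUSEPORT, the kernel spreads incoming connections across them, and a listener that did not set the option is refused. It assumes Linux; the names `make_listener` and `run_demo` are hypothetical, and the sockets live in one process here to stand in for separate workers.

```python
import errno
import select
import socket

HOST = "127.0.0.1"

def make_listener(port, reuseport=True):
    """One listening socket; in production each worker process owns one."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        if reuseport:
            # Every socket in the group, including the first, must set the
            # option before bind(). Linux also requires the same effective
            # UID across the group, so another user cannot join the port.
            s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
        s.bind((HOST, port))
        s.listen(16)
    except OSError:
        s.close()
        raise
    return s

def run_demo(n_shards=4, n_conns=200):
    first = make_listener(0)                  # port 0: kernel picks a free port
    port = first.getsockname()[1]
    shards = [first] + [make_listener(port) for _ in range(n_shards - 1)]
    try:
        # A listener that did not opt in is refused.
        try:
            make_listener(port, reuseport=False).close()
            refused = False
        except OSError as exc:
            refused = exc.errno == errno.EADDRINUSE
        counts = [0] * n_shards
        for _ in range(n_conns):
            with socket.create_connection((HOST, port), timeout=2):
                # The kernel hashes each connection's 4-tuple to one shard.
                ready = select.select(shards, [], [], 2.0)[0]
                for s in ready:
                    conn, _peer = s.accept()
                    conn.close()
                    counts[shards.index(s)] += 1
        return {"counts": counts, "outsider_refused": refused}
    finally:
        for s in shards:
            s.close()

if __name__ == "__main__":
    print(run_demo())
```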