Kernel TLS and socket sharding

Kernel TLS, NIC Offload, and Socket Sharding: What’s New and Who Uses It?

Modern servers are expected to push hundreds of gigabits per second while keeping latency low and CPU use manageable. Two kernel-level innovations—socket sharding and kernel TLS (kTLS)—help make that possible. When paired with NIC TLS offload, the gains are even bigger.

Socket Sharding

Traditionally, only one process could accept() connections from a TCP socket. With Linux 4.5 (2016) and SO_REUSEPORT enhancements, multiple processes can share a listening socket. This “socket sharding” lets the kernel distribute connections efficiently across worker processes. ...

September 2, 2025 · 3 min · Özkan Pakdil