So, I'm presently testing this change out on my personal home network wide VPN setup but I think I finally was able to implement one of the original design goals that I had in mind. Whenever I wrote proxy applications, I would always separate out the read-client and write-server direction from the read-server and write-client direction. When I first tried this with OpenVPN, I could not do so because there was only a single PRIMARY negotiated session key as well as some other shared buffer variables which were conflicting and causing errors.
I spent several days trying to work through the SSL code paths and was able to finally implement a secondary negotiated session key state which helps with separating out the read and write pipelines in both the client and server mode of operations. I call this mode, --dual-mode (which really depends on my previous clean up code that I did in the original --bulk-mode and --mtio-mode) and it is able to achieve some pretty nice and snappy performance on behalf of my entire network (also thanks to the basic connection state tracking solution)! In case you're interested to see any of the commit code details itself: Blog Post: https://fossjon.com/2025/10/30/finally-able-to-insert-a-proper-layer-of-bi-directional-multi-threaded-set-of-core-operations-to-the-highly-modified-openvpn-source-code/ Commit Code: https://github.com/stoops/openvpn-fork/compare/mtio...dual Pull Request: https://github.com/OpenVPN/openvpn/pull/884 Complete Commits: https://github.com/stoops/openvpn-fork/compare/master...bust Thanks again for all your work and time on this great open source project! Jon C
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
