IPsec Cryptographic Acceleration¶
TNSR will automatically configure software cryptographic acceleration for VPP if an IPsec tunnel is defined in the configuration. To enable this configuration, the VPP service must be restarted manually so it can enable the feature and allocate additional memory.
The cryptographic accelerator setting applies to all tunnels, so the restart is only required after the first IPsec tunnel configured by TNSR. The restart is not required for additional tunnels or when changing IPsec settings.
Restart the VPP dataplane from the TNSR basic mode CLI using the following command:
tnsr# config tnsr(config)# service dataplane restart
If the TNSR configuration contains no IPsec tunnels, TNSR will not require the memory resources associated with cryptographic acceleration and TNSR will not require a restart of the VPP dataplane service.
See DPDK Configuration for information on further configuration of cryptographic acceleration in the dataplane.