Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum
The recent introduction of full‐mesh virtual private network (VPN) solutions which offer near native performance, coupled with modern encryption algorithms and easy scalability as a result of a central control plane have a strong potential to enable the implementation of a seamless edge‐cloud contin...
Gespeichert in:
Veröffentlicht in: | Software, practice & experience practice & experience, 2024-08, Vol.54 (8), p.1543-1564 |
---|---|
Hauptverfasser: | , , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
container_end_page | 1564 |
---|---|
container_issue | 8 |
container_start_page | 1543 |
container_title | Software, practice & experience |
container_volume | 54 |
creator | Kjorveziroski, Vojdan Bernad, Cristina Gilly, Katja Filiposka, Sonja |
description | The recent introduction of full‐mesh virtual private network (VPN) solutions which offer near native performance, coupled with modern encryption algorithms and easy scalability as a result of a central control plane have a strong potential to enable the implementation of a seamless edge‐cloud continuum. To test the performance of existing solutions in this domain, we present a framework consisted of both essential and optional features that full‐mesh VPN solutions need to support before they can be used for interconnecting geographically dispersed compute nodes. We then apply this framework on existing offerings and select three VPN solutions for further tests: Headscale, Netbird, and ZeroTier. We evaluate their features in the context of establishing an underlay network on top of which a Kubernetes overlay network can be created. We test pod‐to‐pod TCP and UDP throughput as well as Kubernetes application programming interface (API) response times, in multiple scenarios, accounting for adverse network conditions such as packet loss or packet delay. Based on the obtained measurement results and through analysis of the underlying strengths and weaknesses of the individual implementations, we draw conclusions on the preferred VPN solution depending on the use‐case at hand, striking a balance between usability and performance. |
doi_str_mv | 10.1002/spe.3329 |
format | Article |
fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_3075906486</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>3075906486</sourcerecordid><originalsourceid>FETCH-LOGICAL-c3279-9fedeeb616490fc1e22d1e8966e202cda177cb0f7fc87c921a50c3d3bd3a061b3</originalsourceid><addsrcrecordid>eNp1kMtKAzEUhoMoWKvgIwy4cTP1JJlmJkspbVWKFrzgLmQyZ3TK3EwapTsfwWf0SUytW1cHfr7_HM5HyCmFEQVgF67HEedM7pEBBZnGwJLnfTIA4FkMIkkOyZFzKwBKx0wMyM3M1_X351eD7jV6Wt5GPdqys41uDUb4rmuv11XXRiGLdOTQeBvy4gVDx9SdLyLTteuq9b45Jgelrh2e_M0heZxNHyZX8eJufj25XMSGs1TGssQCMRdUJBJKQ5GxgmImhUAGzBSapqnJoUxLk6VGMqrHYHjB84JrEDTnQ3K229vb7s2jW6tV520bTioO6ViGLzMRqPMdZWznnMVS9bZqtN0oCmprSgVTamsqoPEO_ahq3PzLqfvl9Jf_AVoQbBQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3075906486</pqid></control><display><type>article</type><title>Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum</title><source>Access via Wiley Online Library</source><creator>Kjorveziroski, Vojdan ; Bernad, Cristina ; Gilly, Katja ; Filiposka, Sonja</creator><creatorcontrib>Kjorveziroski, Vojdan ; Bernad, Cristina ; Gilly, Katja ; Filiposka, Sonja</creatorcontrib><description>The recent introduction of full‐mesh virtual private network (VPN) solutions which offer near native performance, coupled with modern encryption algorithms and easy scalability as a result of a central control plane have a strong potential to enable the implementation of a seamless edge‐cloud continuum. To test the performance of existing solutions in this domain, we present a framework consisted of both essential and optional features that full‐mesh VPN solutions need to support before they can be used for interconnecting geographically dispersed compute nodes. We then apply this framework on existing offerings and select three VPN solutions for further tests: Headscale, Netbird, and ZeroTier. We evaluate their features in the context of establishing an underlay network on top of which a Kubernetes overlay network can be created. We test pod‐to‐pod TCP and UDP throughput as well as Kubernetes application programming interface (API) response times, in multiple scenarios, accounting for adverse network conditions such as packet loss or packet delay. Based on the obtained measurement results and through analysis of the underlying strengths and weaknesses of the individual implementations, we draw conclusions on the preferred VPN solution depending on the use‐case at hand, striking a balance between usability and performance.</description><identifier>ISSN: 0038-0644</identifier><identifier>EISSN: 1097-024X</identifier><identifier>DOI: 10.1002/spe.3329</identifier><language>eng</language><publisher>Bognor Regis: Wiley Subscription Services, Inc</publisher><subject>Algorithms ; Application programming interface ; edge‐cloud continuum ; Kubernetes ; orchestration ; Performance evaluation ; Virtual private networks ; Wireguard ; ZeroTier</subject><ispartof>Software, practice & experience, 2024-08, Vol.54 (8), p.1543-1564</ispartof><rights>2024 The Authors. published by John Wiley & Sons Ltd.</rights><rights>2024. This article is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c3279-9fedeeb616490fc1e22d1e8966e202cda177cb0f7fc87c921a50c3d3bd3a061b3</citedby><cites>FETCH-LOGICAL-c3279-9fedeeb616490fc1e22d1e8966e202cda177cb0f7fc87c921a50c3d3bd3a061b3</cites><orcidid>0000-0003-0419-4300 ; 0000-0001-9537-415X ; 0000-0002-8985-0639 ; 0000-0003-0034-2855</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://onlinelibrary.wiley.com/doi/pdf/10.1002%2Fspe.3329$$EPDF$$P50$$Gwiley$$Hfree_for_read</linktopdf><linktohtml>$$Uhttps://onlinelibrary.wiley.com/doi/full/10.1002%2Fspe.3329$$EHTML$$P50$$Gwiley$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,1417,27924,27925,45574,45575</link.rule.ids></links><search><creatorcontrib>Kjorveziroski, Vojdan</creatorcontrib><creatorcontrib>Bernad, Cristina</creatorcontrib><creatorcontrib>Gilly, Katja</creatorcontrib><creatorcontrib>Filiposka, Sonja</creatorcontrib><title>Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum</title><title>Software, practice & experience</title><description>The recent introduction of full‐mesh virtual private network (VPN) solutions which offer near native performance, coupled with modern encryption algorithms and easy scalability as a result of a central control plane have a strong potential to enable the implementation of a seamless edge‐cloud continuum. To test the performance of existing solutions in this domain, we present a framework consisted of both essential and optional features that full‐mesh VPN solutions need to support before they can be used for interconnecting geographically dispersed compute nodes. We then apply this framework on existing offerings and select three VPN solutions for further tests: Headscale, Netbird, and ZeroTier. We evaluate their features in the context of establishing an underlay network on top of which a Kubernetes overlay network can be created. We test pod‐to‐pod TCP and UDP throughput as well as Kubernetes application programming interface (API) response times, in multiple scenarios, accounting for adverse network conditions such as packet loss or packet delay. Based on the obtained measurement results and through analysis of the underlying strengths and weaknesses of the individual implementations, we draw conclusions on the preferred VPN solution depending on the use‐case at hand, striking a balance between usability and performance.</description><subject>Algorithms</subject><subject>Application programming interface</subject><subject>edge‐cloud continuum</subject><subject>Kubernetes</subject><subject>orchestration</subject><subject>Performance evaluation</subject><subject>Virtual private networks</subject><subject>Wireguard</subject><subject>ZeroTier</subject><issn>0038-0644</issn><issn>1097-024X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>24P</sourceid><sourceid>WIN</sourceid><recordid>eNp1kMtKAzEUhoMoWKvgIwy4cTP1JJlmJkspbVWKFrzgLmQyZ3TK3EwapTsfwWf0SUytW1cHfr7_HM5HyCmFEQVgF67HEedM7pEBBZnGwJLnfTIA4FkMIkkOyZFzKwBKx0wMyM3M1_X351eD7jV6Wt5GPdqys41uDUb4rmuv11XXRiGLdOTQeBvy4gVDx9SdLyLTteuq9b45Jgelrh2e_M0heZxNHyZX8eJufj25XMSGs1TGssQCMRdUJBJKQ5GxgmImhUAGzBSapqnJoUxLk6VGMqrHYHjB84JrEDTnQ3K229vb7s2jW6tV520bTioO6ViGLzMRqPMdZWznnMVS9bZqtN0oCmprSgVTamsqoPEO_ahq3PzLqfvl9Jf_AVoQbBQ</recordid><startdate>202408</startdate><enddate>202408</enddate><creator>Kjorveziroski, Vojdan</creator><creator>Bernad, Cristina</creator><creator>Gilly, Katja</creator><creator>Filiposka, Sonja</creator><general>Wiley Subscription Services, Inc</general><scope>24P</scope><scope>WIN</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>F28</scope><scope>FR3</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-0419-4300</orcidid><orcidid>https://orcid.org/0000-0001-9537-415X</orcidid><orcidid>https://orcid.org/0000-0002-8985-0639</orcidid><orcidid>https://orcid.org/0000-0003-0034-2855</orcidid></search><sort><creationdate>202408</creationdate><title>Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum</title><author>Kjorveziroski, Vojdan ; Bernad, Cristina ; Gilly, Katja ; Filiposka, Sonja</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c3279-9fedeeb616490fc1e22d1e8966e202cda177cb0f7fc87c921a50c3d3bd3a061b3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Algorithms</topic><topic>Application programming interface</topic><topic>edge‐cloud continuum</topic><topic>Kubernetes</topic><topic>orchestration</topic><topic>Performance evaluation</topic><topic>Virtual private networks</topic><topic>Wireguard</topic><topic>ZeroTier</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Kjorveziroski, Vojdan</creatorcontrib><creatorcontrib>Bernad, Cristina</creatorcontrib><creatorcontrib>Gilly, Katja</creatorcontrib><creatorcontrib>Filiposka, Sonja</creatorcontrib><collection>Wiley Online Library (Open Access Collection)</collection><collection>Wiley Online Library Free Content</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ANTE: Abstracts in New Technology & Engineering</collection><collection>Engineering Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Software, practice & experience</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kjorveziroski, Vojdan</au><au>Bernad, Cristina</au><au>Gilly, Katja</au><au>Filiposka, Sonja</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum</atitle><jtitle>Software, practice & experience</jtitle><date>2024-08</date><risdate>2024</risdate><volume>54</volume><issue>8</issue><spage>1543</spage><epage>1564</epage><pages>1543-1564</pages><issn>0038-0644</issn><eissn>1097-024X</eissn><abstract>The recent introduction of full‐mesh virtual private network (VPN) solutions which offer near native performance, coupled with modern encryption algorithms and easy scalability as a result of a central control plane have a strong potential to enable the implementation of a seamless edge‐cloud continuum. To test the performance of existing solutions in this domain, we present a framework consisted of both essential and optional features that full‐mesh VPN solutions need to support before they can be used for interconnecting geographically dispersed compute nodes. We then apply this framework on existing offerings and select three VPN solutions for further tests: Headscale, Netbird, and ZeroTier. We evaluate their features in the context of establishing an underlay network on top of which a Kubernetes overlay network can be created. We test pod‐to‐pod TCP and UDP throughput as well as Kubernetes application programming interface (API) response times, in multiple scenarios, accounting for adverse network conditions such as packet loss or packet delay. Based on the obtained measurement results and through analysis of the underlying strengths and weaknesses of the individual implementations, we draw conclusions on the preferred VPN solution depending on the use‐case at hand, striking a balance between usability and performance.</abstract><cop>Bognor Regis</cop><pub>Wiley Subscription Services, Inc</pub><doi>10.1002/spe.3329</doi><tpages>20</tpages><orcidid>https://orcid.org/0000-0003-0419-4300</orcidid><orcidid>https://orcid.org/0000-0001-9537-415X</orcidid><orcidid>https://orcid.org/0000-0002-8985-0639</orcidid><orcidid>https://orcid.org/0000-0003-0034-2855</orcidid><oa>free_for_read</oa></addata></record> |
fulltext | fulltext |
identifier | ISSN: 0038-0644 |
ispartof | Software, practice & experience, 2024-08, Vol.54 (8), p.1543-1564 |
issn | 0038-0644 1097-024X |
language | eng |
recordid | cdi_proquest_journals_3075906486 |
source | Access via Wiley Online Library |
subjects | Algorithms Application programming interface edge‐cloud continuum Kubernetes orchestration Performance evaluation Virtual private networks Wireguard ZeroTier |
title | Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-23T03%3A54%3A52IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Full%E2%80%90mesh%20VPN%20performance%20evaluation%20for%20a%20secure%20edge%E2%80%90cloud%20continuum&rft.jtitle=Software,%20practice%20&%20experience&rft.au=Kjorveziroski,%20Vojdan&rft.date=2024-08&rft.volume=54&rft.issue=8&rft.spage=1543&rft.epage=1564&rft.pages=1543-1564&rft.issn=0038-0644&rft.eissn=1097-024X&rft_id=info:doi/10.1002/spe.3329&rft_dat=%3Cproquest_cross%3E3075906486%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3075906486&rft_id=info:pmid/&rfr_iscdi=true |