IPsec encryption across dark fibre with two ConnectX-6 DX EN


I am happy to join this forum! I have a dirk fibre route between two company buildings. As an aim for the future we want to upgrade our backbone/network to 100Gb. I want to keep the traffic over the dark fibre secured/encrypted.

The ConnectX-6 Dx provides the feature of inline Hardware IPsec/TLS encryption and decryption.

Can I use two SmartNIC to encrypt the dark fibre? Can the SmartNIC work on their own, like pluged in on an Linux device with low CPU and Memory just to power the SmartNIC over PCI?


switch first building =unencrypted=> 100Gb Port 1 of SmartNIC
=inline encryption on SmartNIC=> 100Gb Port 2 of SmartNIC
=encrypted over Dark Fibre=> 100Gb Port 1 of second SmartNIC
=inline decryption on SmartNIC=> 100Gb Port2 of second SmartNIC
=unencrypted=> switch second building


The feature you are interested in is described in OFED documentation.
Please take a look at the below link:

Best Regards,

1 Like