IoT IP Overlay Network Security PerformanceAnalysis with Open Source Infrastructure Deployment

: Some of the most deployed infrastructures nowadays are Overlay Networks (ONs). They consist of hardware and software components designed to establish private and secure communication channels, typically over the Internet. ONs are among the most reliable technologies for achieving this objective and represent the next-generation solution for secure communication. In this paper, we analyze important network performance metrics (RTT, bandwidth) while varying the type of Overlay Network used for interconnecting traffic between two or more hosts (within the same data center, in different data centers in the same building, or over the Internet). These networks establish connections between KVM (Kernel-based Virtual Machine) instances rather than the typical Docker/LXC/Podman containers. The first analysis will assess network performance as it is, without any overlay channels. The second will establish various types of channels without encryption, and the final one will encapsulate overlay traffic via IPsec (Transport mode), where encrypted channels like VTI are not already available for use. The obtained performance is demonstrated through a comprehensive set of traffic-simulation campaigns.