FreeBSD has long adopted state-of-the-art transport protocols and networking technologies, making it a strong candidate for modern datacenter environments. This talk presents our ongoing implementation of the Secure Message Transport (SMT) [1] in the FreeBSD kernel (SMT’s original implementation was done in Linux [2]). This work fills the gap in FreeBSD’s transport stack by providing secure, message-oriented, low-latency communication suitable for cloud environments.
SMT extends the Homa transport protocol, which is specialized for the low-tail-latency RPC workloads common in datacenters, by adding transport-level encryption. Although SMT is a native transport protocol alongside TCP, UDP and SCTP, it can use the TLS offload in existing NICs, including NVIDIA/Mellanox ConnectX-6 DX or -7 NICs, even though that offload was designed for TCP. This enables a transition from DCTCP without compromising NIC offloads.
This talk will cover SMT’s design overview and the current status of its FreeBSD kernel implementation, which differs significantly from other transport protocols due to its message-based transport abstraction and fine-grained parallelism. We will show the basic data structures such as the pcb and packet formats, the encrypted message transmission and reception data paths, and the relationship with existing kernel subsystems such as kTLS, netisr, and the mlx5 driver. The talk also shows simple secure message exchange demonstrations using VMs or a remote testbed. The work has already been confirmed for support as a FreeBSD Foundation internship through Hiroki Sato.
[1] Designing Transport-Level Encryption for Datacenter Networks
Tianyi Gao, Xinshu Ma, Suhas Narreddy, Eugenio Luo, Steven W. D. Chien and Michio Honda. To appear in IEEE Symposium on Security and Privacy 2026. Awarded the IETF/IRTF Applied Networking Research Prize.