[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on ESP and AH IPSEC drafts.

To: ipsec@TIS.COM
Subject: Re: Comments on ESP and AH IPSEC drafts.
From: Norman Shulman <norm@border.com>
Date: Fri, 27 Sep 1996 13:57:01 -0400
Cc: Rob Adams <adams@cisco.com>
In-Reply-To: <19960926144401adams@161.44.128.127>
Sender: ipsec-approval@neptune.tis.com

On Thu, 26 Sep 1996, Rob Adams wrote:

> ESP Draft (draft-ipsec-esp-des-md5-03.txt Sept 96):
> 
> Section 2.5: Padding.
> 
> I would like to suggest placing the Payload Type, Pad Length and padding 
> fields before the payload data.   Stop laughing.   After having implemented 
> this, I can say that it would be a heck of a lot more efficient and 
> therefore, perform better, if I didn't have to walk an MBUF chain twice to 
> remove padding.  You have to do this twice because you have to go to the 
> end first to get the length of the padding.   Since the padding could be 
> spread out of a variable number of buffers behind you, you have to start at 
> the head again and walk down until you find the buffer containing 
> packet[length-pad], and free from there.  Chopping the data off the head of 
> the buffer chain would save this walk and some hairy math to crop the right 
> size of data off the end. 

In Net/3 code, the padding can span at most 2 mbufs, so you only need to keep track of
the current and previous mbufs.

Norm


                   Norman Shulman      Border Network Technologies Inc.
     	        Software Engineer      Tel 1 416 368 7157 ext 304
                  norm@border.com      Fax 1 416 368 7178

References:

Comments on ESP and AH IPSEC drafts.

From: Rob Adams <adams@cisco.com>

Prev by Date: Re: Comments on ESP and AH IPSEC drafts.
Next by Date: Re: resistance to swamping attacks.
Prev by thread: Re: Comments on ESP and AH IPSEC drafts.
Next by thread: Re: Comments on ESP and AH IPSEC drafts.
Index(es):
- Main
- Thread