[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: API issues (was Re: IPsec and TCP )
I think this is a non-problem. There is plenty of precedent in the
Internet for paths that take a long time to handle the first packet,
then handle subsequent packets rapidly. Examples include
circuit-switched links, the most extreme being demand-dialed PPP
modems that can take ~30 sec to come up.
When TCP encounters such a path, it retransmits a few times but
recovers quickly if its RTT algorithms are implemented correctly. The
only harm is a few redundant SYN packets that come spewing through
once the link (or security association) is set up. I just can't get
too excited about them.
Of course, if the link is already up, none of the above applies. I
personally would not want to add a lot of layer violations to handle
something that isn't really a problem to begin with.
Phil
References: