[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPsec and TCP

To: ipsec@tis.com
Subject: Re: IPsec and TCP
From: andrade@netcom.com (Andrade Software Andrade Networking)
Date: Sun, 5 Jan 1997 01:33:17 -0800 (PST)
Cc: naganand@ftp.com, ho@earth.hpc.org
In-Reply-To: <199612202305.SAA10850@earth.hpc.org> from "Hilarie Orman" at Dec 20, 96 06:05:21 pm
Sender: owner-ipsec@ex.tis.com

Andrade Software & Networking
Andrad@Netcom.Com
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 634       

This is interesting.  I knew that TCP/IP will be miserably slow when
you throw DES into it (about 1 Mbit/sec @ 200 Mhz on a Pentium) but I 
forgot about the impact of key exchange performance.  You'd be lucky 
to see 5 keys exchanged a second with Diffie-Hellman.  Has anyone 
measured (or at least estimated) the performance metrics for IPsec 
routers (and hosts) to exchange/update keys?  And on total IPsec
routing performance, say with a mixture of clear and encrypted links,
using various key update intervals. 

- Alex

-- 

Alex Alten
7677 Chestnut Way
Pleasanton, CA  94588
USA

Andrade@Netcom.Com
(510) 417-0159   Fax/Voice

Follow-Ups:

Re: IPsec and TCP

From: ho@earth.hpc.org (Hilarie Orman)

Re: IPsec and TCP

From: Ran Atkinson <rja@inet.org>

Re: IPsec and TCP

From: Phil Karn <karn@qualcomm.com>

Prev by Date: Re: pf_key comments
Next by Date: Re: IPsec and TCP
Prev by thread: Re: pf_key comments
Next by thread: Re: IPsec and TCP
Index(es):
- Main
- Thread