[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPsec and TCP
Andrade Software & Networking
Andrad@Netcom.Com
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 634
This is interesting. I knew that TCP/IP will be miserably slow when
you throw DES into it (about 1 Mbit/sec @ 200 Mhz on a Pentium) but I
forgot about the impact of key exchange performance. You'd be lucky
to see 5 keys exchanged a second with Diffie-Hellman. Has anyone
measured (or at least estimated) the performance metrics for IPsec
routers (and hosts) to exchange/update keys? And on total IPsec
routing performance, say with a mixture of clear and encrypted links,
using various key update intervals.
- Alex
--
Alex Alten
7677 Chestnut Way
Pleasanton, CA 94588
USA
Andrade@Netcom.Com
(510) 417-0159 Fax/Voice
Follow-Ups: