[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: TO COMPRESS OR NOT TO CMPRS (please reply)
At 08:33 PM 2/18/97 +0000, Angelos D. Keromytis wrote:
>>1. What is the status of adding compression to ESP?
>
>I'm against adding compression to a particular transform. Someone
>mentioned having compression as an attribute to a SAID as a whole; if
>we want compression (and i'm not sure it'll buy us much), i think
>that's how it should be done. It should certainly be optional.
Compression is something that should be included in the proposal and
would be "independent" of any underlying transform.
>>2. Placement of the "packet compressed/not-compressed" byte/bit
>
>No need for this if we do (1). Otherwise, i'd rather see a different
>ESP transform (and don't tell me we're wasting bytes; if compression
>gains us about the same number of bytes as the extra ESP header or
>less, then clearly we shouldn't even be considering it as an option).
If you are compressing on the fly, sometimes the compress will
actually generate more data; in this case you want a flag to show
even though compression is enabled it was not used on this packet.
>However, just what is the model in mind ? I doubt firewalls need to
>perform compression; most companies have decent speed links to the
>Internet, so compression there wouldn't buy much.
>
>A couple more points:
>a) i think the only place compression would buy anything, especially
> networks become faster, is the "last mile" (as Steve Bellovin
> said); the 28.8 (or so) PPP link. Now, PPP already has compression
> for that link (or so i remember). Additionally, forcing compression
> in an ESP transform will make the two endpoints also perform encryption;
> i don't know about you, but i feel that there's higher chance of
> my data being snooped as they travel over the Internet than on the phone
> line from my place to the ISP.
If you are using encryption, the encrypted data is going to be uncompressable
so PPP level compression is not going to be useful.
>b) assuming the end user does use encryption all the way to the server
> somewhere on the net; forcing the server to do compression is "bad
> manners" IMO, since the server has probably more need of the CPU
> cycles than the (few ?) bytes compression will give save from the
> link. Establishing yet another SAID with the PPP remote endpoint
> to do additional compression just at the final step falls under
> (a), unless compression is a separate ESP transform (but again,
> doesn't PPP already do compression ?).
Buy lots of Alphas as your servers. :-)
--
Matt Thomas Internet: matt@lkg.dec.com
UNIX Networking WWW URL: http://ftp.digital.com/%7Ethomas/
Digital Equipment Corporation Disclaimer: This message reflects my own
Littleton, MA warped views, etc.