[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Closing out the COMPRESSION discussion
Hey now!
>
> I'm not sure I understand your point, Bob. Surely most (if not all)
> dial-up users will be using PPP, which already offers compression. What
> am I missing?
>
IPSec, among other things, defines encrypting packets at the network
layer. PPP compression is performed at the data link layer.
Compression algorithms search the data stream for patterns and then
replace those patterns with smaller representations. Encryption algorithms
generate outputs which are free of repetitive patterns. Therefore,
compression of encryted data will have no effect.
So, use of compression deserves to be defined in IPSec, because, if you
encrypt at the network layer, your PPP compression will not compress the
packets.
In order to harmonize the two technologies, you must compress before
encrypting.
Ferd
///////////////////////////////////////
// //
// Ferdinand N. Ahlberg //
// WAN Development //
// Cabletron Systems, Inc. //
// //
// ahlberg@ctron.com //
// //
///////////////////////////////////////
Follow-Ups: