[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-ipsec-new-auth-00.txt



Steven Bellovin <smb@research.att.com> writes:

> Yes, there is data.  I've heard Vern Paxson's talk on his measurements,
> and a reasonably high percentage of TCP connections do see out-of-order
> packets.  Furthermore, since dropped packets have a very serious effect
> on TCP throughput, it's really worth some effort to avoid any extra drops.

> The incidence of out-of-order delivery seems to depend on the site
> involved.  This suggests that it's useful if a site can tune its own
> replay window.  (There was at least one incident where a window of *54*
> would have been necessary to accept the packet!)

This is very useful data/rational to have. I certainly hope suitable
(discussion) text along these lines makes it into the draft.

Also, is there a pointer to Vern's measurements on this particular topic?

Thomas


References: