
Re: TOS copying considered harmful



> Second, as noted in recent work by the diffserv WG, packets with different
> TOS values may be re-ordered en route, and "slow" packets on a busy path
> can end up outside the AH/ESP anti-replay window.

We know there is a severe amount of packet reordering going on (see
Sigcomm papers from 2-3 years ago).  The AH/ESP anti-replay window size
is a matter of implementation, and increasing its size does not affect
the correctness of the protocol, merely the speed of the implementation.
Does anyone have measurements indicating that such packet reordering is 
interfering with the current-practice 32-position antireplay window?

/ji

--
 /\  ASCII ribbon  |  John Ioannidis * Secure Systems Research Department
 \/    campaign    |  AT&T Labs - Research * Florham Park, NJ 07932
 /\    against     |  "Intellectuals trying to out-intellectual
/  \  HTML email.  |   other intellectuals" (Fritz the Cat)
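
Added example, not part of the original message or of any IPsec implementation: a sliding-window anti-replay check with a configurable window size, run over a constructed trace in which one packet is overtaken by 40 later ones. The names `replay_win`, `rw_check_update`, `run_trace` and the `MAX_WIN` bound are hypothetical, and sequence-number wraparound is assumed not to occur within the SA lifetime.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_WIN 1024              /* upper bound for this sketch (assumption) */

struct replay_win {
    uint32_t top;                 /* highest sequence number accepted so far */
    uint32_t size;                /* window size W, 1..MAX_WIN */
    uint8_t  seen[MAX_WIN];       /* seen[s % size] set iff in-window s was accepted */
};

static void rw_init(struct replay_win *w, uint32_t size) {
    memset(w, 0, sizeof *w);
    w->size = size;
}

/* Returns 1 to accept, 0 to drop (duplicate, or older than the window).
 * Meant to run only after the packet's ICV has verified. */
static int rw_check_update(struct replay_win *w, uint32_t seq) {
    if (seq == 0) return 0;                        /* numbering starts at 1 */
    if (seq > w->top) {                            /* moves the right edge */
        if (seq - w->top >= w->size) memset(w->seen, 0, w->size);
        else for (uint32_t s = w->top + 1; s < seq; s++) w->seen[s % w->size] = 0;
        w->seen[seq % w->size] = 1;
        w->top = seq;
        return 1;
    }
    if (w->top - seq >= w->size) return 0;         /* left of the window */
    if (w->seen[seq % w->size]) return 0;          /* already received */
    w->seen[seq % w->size] = 1;
    return 1;
}

/* Constructed trace: packet 1 is overtaken by `ahead` later packets and then
 * arrives; afterwards the newest packet is replayed.
 * Result: bit 0 = late packet accepted, bit 1 = replay accepted. */
static int run_trace(uint32_t win, uint32_t ahead) {
    struct replay_win w;
    rw_init(&w, win);
    for (uint32_t s = 2; s <= 1 + ahead; s++) rw_check_update(&w, s);
    int late = rw_check_update(&w, 1);
    int replay = rw_check_update(&w, 1 + ahead);
    return late | (replay << 1);
}

int main(void) {
    printf("W=32: %d  W=64: %d\n", run_trace(32, 40), run_trace(64, 40));
    return 0;
}
```

With a 32-position window the late packet is dropped, with 64 it is accepted, and the replay is rejected in both cases; only the bitmap size and the clearing cost change.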