[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPSec Standard - No Flow Control?

To: ipsec@lists.tislabs.com
Subject: IPSec Standard - No Flow Control?
From: Rett_Walters@payless.com
Date: Mon, 23 Jul 2001 11:48:44 -0500
Sender: owner-ipsec@lists.tislabs.com

I have a question regarding IPsec inner workings.....

Is there a provision for Flow Control in the IPSec Standards?

I understand that IPSec essentially runs at Layer 3 which does not include
flow control algorithms (usually left to Layer 4 protocols such as TCP);
however I have noticed in live implementations of the protocol, long delay
networks (250ms round-trip) suffer serious performance issues when compared
to non-encrypted TCP communications such as Ftp's, using large (64k) TCP
Receive Windows.  Trace analysis shows a large percentage of time spent
waiting for ACKs to transmitted ESP packets.  Is there no way to control
the amount of data "in flight", ie setting a higher Window?   Using IPSec
Encapsulation seems to override or Break the TCP Windows set in the
encrypted packet headers, do to its own method of flow control (or lack
thereof).....

I am wondering if this was overlooked?

Thanks,

___________________________________
Rett D. Walters
Network Architect
Payless ShoeSource Inc.
Phone: 785-295-2049, Fax: 785-295-6666
Email: rett.walters@payless.com

Follow-Ups:

Re: IPSec Standard - No Flow Control?

From: Derek Atkins <warlord@mit.edu>

IPSec Standard - No Flow Control?

From: Michael Thomas <mat@cisco.com>

Prev by Date: Re: ipsec comparison
Next by Date: DEFLATE, ZLIB and RFC1951
Prev by thread: Re: ipsec comparison
Next by thread: Re: IPSec Standard - No Flow Control?
Index(es):
- Main
- Thread