[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IPSec performance statistics



Well, I have seen 300+ simultaneous connections renegotiatiate within 30
seconds after a reboot with only 10-20 dropped packets.  This was on a
RedCreek 7150 terminating Personal Ravlin II's.

Christopher S. Gripp
Systems Engineer
Axcelerant


-----Original Message-----
From: Michael Richardson [mailto:mcr@sandelman.ottawa.on.ca]
Sent: Thursday, August 02, 2001 4:30 PM
To: sommerfeld@East.Sun.COM
Cc: ipsec@lists.tislabs.com
Subject: Re: IPSec performance statistics 



>>>>> "Bill" == Bill Sommerfeld <sommerfeld@East.Sun.COM> writes:
    Bill> Main mode + quick mode + first-user-traffic winds up being
about 5
    Bill> round trips, so network latency winds up being a dominant
factor in
    Bill> how long it takes to get things flowing..

  so long as there is enough CPU leftover, of course.

  I'd be interested to know how long it takes before 1000 road warriors
are
able to function again after rebooting the gateway :-)

]       ON HUMILITY: to err is human. To moo, bovine.           |
firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net
architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device
driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security
guy");  [