[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Traffic selectors, fragments, ICMP messages and security policy problems
Hi Bora,
I don't want to put numbers to it because I don't think they matter. I
would simply characterize a "high speed" implementation as one pushing the
current limits of the technology at any point in time.
For any speed and price range, it will always be "easier" (more feasible,
cheaper, faster for the price, shorter time to market, etc. -- pick your
metric) to build a device that treats each packet (or fragment) on its own
than to build a device that treats packets based on other packets that have
been or will be seen.
A requirement to collect fragments in order to evaluate port selector
policy will serve to reduce the availabilty of high speed implementations.
Mark
At 05:30 PM 3/18/2004 -0800, Bora Akyol wrote:
>Mark
>
>Can you please qualify what you mean by high speed and also how many
>tunnels at that speed?
>
>Do you mean 1Gbps, 10 Gbps or 100 Gbps? How many tunnels at that speed
>and packet size.
>
>Once we define what "high speed" means, hopefully we can get a good
>understanding of
>what are the issues that are detrimental to the high speed
>implementation.
>
>Thanks
>
>Bora