> There was some discussion of how much packet expansion
> might be caused by IPsec in various modes (such as ESP tunnel
> mode) some time ago. I don't think this is expected to be a large
> increase, in percentage size, for "normal" packet size distributions,
> as one is basically encapsulating the original packet. I don't
> understand how one would lose 5/6 of the bandwidth (256 kbps
> out of approx. 1.5 Mbps) while using IPsec. How does the Cisco
> engineer explain this?
One of the faster to encrypt encryption methods has about a 1 to 4
increase in data size. They could be using it. In a networked
situation I'd think this was sub optimal, but then if you are
selling networking bandwidth...
Most all encryption methods are size neutral or at most add a few bytes
to packtes not matching even multiples of the encryption block size.
--
| Bryan Andersen | [EMAIL PROTECTED] | http://softail.visi.com |
| Buzzwords are like annoying little flies that deserve to be swatted. |
| -Bryan Andersen |
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
