>On Tue, 15 Nov 2011, Vilhelm Jutvik wrote:
>
>> As for the (apparently widely held) belief that transport mode is
>> redundant I would like to voice my opinion in defense of it: Tunnel
>> mode incurs an overhead due to the extra IP header. In the case of
>> IPv6 that overhead will be over 40 bytes and will hardware resources
>> as well as bandwidth. Ferguson and Schneier propose a compression
>> scheme (section "Protocols") for reducing this overhead, but that
>> suggestion is tantamount to proposing a new mode and would take much
>> time and work to introduce in the current implementations.
>
>L2TP/IPsec stacks I know (Microsoft, OSX, xl2tpd/pppd, iOS) set the
>MTU/MRU on the ppp address to about 1200 anyway. So any argument that
>it saves so many bytes is lost in actual deployments where people put a
>huge safety margin in to avoid mtu and fragmentation issues.
>
>If your assigned IP goes to mtu 1200, you really have not gained a few
>bytes by picking transport mode over tunnel mode.

This is not where the main issue is. Above you are only talking about the byte overhead when compared to a full size packet. In that case the difference of 20 bytes out of 1400 is only about 1.4%, which doesn't make much difference in time for doing that large HTTP download.

But, if you are doing VoIP where your VoIP payload is only 60 bytes then a 20 byte difference in overhead is a 33% effect. You now need to allocate 33% more bandwidth per voice call. This is significant.

Mike.

+------------------------------------------------+
| Mike Sullenberger; DSE                         |
| [email protected]                .:|:.:|:.     |
| Customer Advocacy              CISCO           |
+------------------------------------------------+
