> On Dec 3, 2019, at 6:02 AM, Valery Smyslov <smyslov.i...@gmail.com> wrote:
>
>>> Adding a packet ID also means that you can't just chain the inner traffic
>>> buffers together to form the IP-TFS
>> payload as you must now insert an extra header between each of the inner
>> packets, this is going to affect
>> performance and memory use on whitebox/software based deployments as well as
>> reduce available
>> bandwidth on the tunnel.
>>
>> Good point. You can always chain extra headers and inner packets with
>> a scatter-gather list, but it will have some performance impact.
>
> If support for transport mode is added then an extra header seems
> anavoidable...
I suspect you are correct. For the transport case it should be enough to just
replicate the ESP sequence number method (i.e., add it to the IP-TFS header
once) too though.
Thanks,
Chris.
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
