At 8:25 AM -0700 2005-09-13, Hal Murray wrote:
That structure is already needed to keep things like crypto crunching from
causing problems.
Even if the server is smart enough to wait as long as possible
before putting the time stamp into the reply, having the whole system
dependant on a potentially lengthy search through an on-disk
authorization database is going to greatly increase the latency and
jitter of the overall response, and greatly reduce the quality of
time that can be served to those clients.
If it's a small database, then it will fit into memory, and can
be relatively quickly searched, and the best known search algorithms
of this type are already implemented in firewalls. If there was
anything better, they would have already been implemented in firewall
products.
At that point, you might as well let the firewall do it's job.
The latency and jitter could still be significantly impacted, but the
firewall will do a better job of performing that function than
anything else you can buy or build (unless it's a different firewall).
If it's not a small database, then you're simply going to get
killed by going to disk.
--
Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
