[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: is 1 Gbps a MUST?
At 03:06 PM 2/21/2002, CAVANNA,VICENTE V (A-Roseville,ex1) wrote: >If my interpretation is correct, the current (and earlier ones too) >security draft >at http://www.drizzle.com/~aboba/RDMA/draft-ietf-ips-security-10.txt >seems to say that an IPSec implementation MUST be capable of running at 1 Gbps. I won't respond to the wording of the draft, but to the sense that it must be intended to convey. If the wording doesn't convey this, it is the wording which must change. It seems to me that if the transfer of encrypted data at nominal link rates is expected, then encryption and decryption must be achieved at link rates. If 1 GBPS link rates are in view, guess what rates are important. If 10 GBPS... It seems to me that the question is not whether or not you are mandated to implement IPSEC in software, but what you need to do to accomplish link speed encryption and decryption. Hardware and software are duals; you can implement the algorithm either way, and the trade-off is money vs speed. We offer our customers both software and hardware options for IPSEC, and if the expected encryption rate is above certain speeds, we get fairly insistent on the latter. We call that "common sense".
Last updated: Fri Feb 22 10:18:08 2002
8845 messages in chronological order