is 1 Gbps a MUST?

To: "'ips@ece.cmu.edu'" <ips@ece.cmu.edu>
Subject: is 1 Gbps a MUST?
From: "CAVANNA,VICENTE V (A-Roseville,ex1)" <vince_cavanna@agilent.com>
Date: Thu, 21 Feb 2002 16:06:51 -0700
Cc: "SHEEHY,DAVE (A-Americas,unix1)" <dave_sheehy@agilent.com>, "CAVANNA,VICENTE V (A-Roseville,ex1)" <vince_cavanna@agilent.com>, "THALER,PAT (A-Roseville,ex1)" <pat_thaler@agilent.com>
Content-Type: text/plain;charset="ISO-8859-1"
Sender: owner-ips@ece.cmu.edu

If my interpretation is correct, the current (and earlier ones too) security
draft at  http://www.drizzle.com/~aboba/RDMA/draft-ietf-ips-security-10.txt
seems to say that an IPSec implementation MUST be capable of running at 1
Gbps. I quote from the draft:
"Given current networking technology, IP block storage security solutions
must be implementable at 1 Gbps in terms of CPU overhead and/or availability
of suitable hardware implementations and should be implementable at 10 Gbps
in the near future. 10 Gbps implementations are desirable but are not an
absolute requirement as implementation feasibility at these speeds is not
yet demonstrated. "
On the other hand I hear a lot of talk about TOEs in hardware and IPSec in
software. Given that, once IPSec is turned on, *every* incoming packet must
be inspected to confirm compliance with the security policy, I find it hard
to believe that a software implementation can be claimed to be compliant. In
fact a software implementation implies introducing a bottleneck in front of
the TOE.
Am I misinterpreting the requirement or am I underestimating the potential
performance of a software implementation?
Vince Cavanna
Agilent Technologies

Follow-Ups:
- Re: is 1 Gbps a MUST?
  - From: Fred Baker <fred@cisco.com>

Prev by Date: Re: iSCSI: key negotiation - Unrecognized value? (fwd)
Next by Date: Re: is 1 Gbps a MUST?
Prev by thread: Re: iSCSI: key negotiation - Unrecognized value? (fwd)
Next by thread: Re: is 1 Gbps a MUST?
Index(es):
- Date
- Thread

Home

Last updated: Fri Feb 22 01:17:58 2002
8839 messages in chronological order