[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: l2tp as ipsra solution
Hi Skip,
Skip Booth wrote:
>
> On Wed, 14 Jun 2000, Moshe Litvin wrote:
>
> > Bernard,
> >
> > I agree with Scott that bytes-on-the-wire is only part of the overhead.
> >
> > The problem is that you are comparing raw IPsec (optimized for simplicity
> > and speed) with compressed (optimized for size) L2TP. You are not comparing
> > apples to apples.
>
> We have had this overhead discussion on the IPsec mailing list previously. I
> have argued and will continue to argue that the L2TP HC and PPP AFC/PFC should
> not impact the pps throughput of and L2TP/PPP implementation. In fact since
> L2TP HC runs directly on top of IP this is potentially a slight optimization
> since you only have to look inside 2 headers (IP/L2TP) instead of 3
> (IP/UDP/L2TP). I can tell you for a fact that PPP PFC/AFC do not have any
> impact on our switching performance.
This misses the point, i.e. while header compression may or may may not
affect the throughput of a given l2tp/ppp implementation, it will
certainly affect the throughput of a native ipsec implementation which
now has to add the l2tp/ppp code.
<some text trimmed...>
> So one of the questions I would ask Scott, should this mapping to a AAA server
> be included in the requirements doc or should there be separate drafts written
> that describe this mapping (one for radius, one for tacacs, etc).
If there are specific accounting requirements, then I suppose these
should be in the ipsra requirements draft. Please elaborate on these
requirements.
Scott