[178112] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Interesting BFD discussion on reddit

daemon@ATHENA.MIT.EDU (Glen Kent)
Sun Feb 15 22:27:00 2015

X-Original-To: nanog@nanog.org
In-Reply-To: <20150215222540.GA15215@pob.ytti.fi>
Date: Mon, 16 Feb 2015 08:55:17 +0530
From: Glen Kent <glen.kent@gmail.com>
To: Saku Ytti <saku@ytti.fi>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

>
>
>
> I wonder if Trio, EZChip and friends could do SHA in NPU, my guess is yes
> they
> could, but perhaps there is even more appropriate hash for this use-case.
> I'm not entirely convinced doing hash for each BFD packet is impractical.
>
> [0] http://www.ietf.org/id/draft-mahesh-bfd-authentication-00.txt


You might want to take a look at:
http://www.ietf.org/proceedings/89/slides/slides-89-mpls-9.pdf

Look at the slides 11 onwards.

Doing HMAC calculation for each packet adversely affects the number of
concurrent sessions that can be supported.

Glen.


>
> --
>   ++ytti
>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[178112] in North American Network Operators' Group

Re: Interesting BFD discussion on reddit

daemon@ATHENA.MIT.EDU (Glen Kent)Sun Feb 15 22:27:00 2015

daemon@ATHENA.MIT.EDU (Glen Kent)
Sun Feb 15 22:27:00 2015