[71253] in North American Network Operators' Group
Re: MD5 BGP performance on a VXR?
daemon@ATHENA.MIT.EDU (Patrick W.Gilmore)
Fri Jun 11 14:49:29 2004
In-Reply-To: <DBAD91D20C45A24B9BA50134B59969DB0EF973EF@bremo-lg-55>
Cc: Patrick W.Gilmore <patrick@ianai.net>
From: Patrick W.Gilmore <patrick@ianai.net>
Date: Fri, 11 Jun 2004 14:44:41 -0400
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Jun 11, 2004, at 8:21 AM, Newell, Tony wrote:
> My first question would be how big is your prefix list per BGP session?
> What is really going to task this router with 25 sessions is the BGP
> Scanner and BGP Router processes. To my knowledge MD5 is just for
> authenticating the session. I could be wrong.
Every TCP packet in the BGP session (including HELLOs) will have to go
through the MD5 process.
This happens even if things like the sequence number is wrong (at least
on some versions of IOS).
--
TTFN,
patrick
