Note for Moderator. This is not crypto but TOE being the solution to
networking performance problems is a perception that is dangerous to
leave in the crypto community.
On Jul 23, 2009, at 11:45 PM, Nicolas Williams wrote:
On Thu, Jul 23, 2009 at 05:34:13PM +1200, Peter Gutmann wrote:
"mhey...@gmail.com" <mhey...@gmail.com> writes:
2) If you throw TCP processing in there, unless you are
consistantly going to
have packets on the order of at least 1000 bytes, your crypto
algorithm is
almost _irrelevant_.
[...]
for a Linux 2.2.14 kernel, remember, this was 10 years ago.
Could the lack of support for TCP offload in Linux have skewed
these figures
somewhat? It could be that the caveat for the results isn't so
much "this was
done ten years ago" as "this was done with a TCP stack that ignores
the
hardware's advanced capabilities".
How much NIC hardware does both, ESP/AH and TCP offload? My guess:
not
much. A shame, that.
Once you've gotten a packet off the NIC to do ESP/AH processing,
you've
lost the opportunity to use TOE.
IPSEC offload can have value. TOE are far more controversial.
TOEs that are implemented in a slow processor in a NIC card have been
shown many times to be ineffective compared to keeping TCP in the
fastest CPU (where it is now). For vendors that can't optimize their
TCP implementation (because it is just too complicated for then?) TOE
is a siren call that detracts them from their real problem. Look at
Van Jacobson post of May 2000 entitled "TCP in 30 instructions".
http://www.pdl.cmu.edu/mailinglists/ips/mail/msg00133.html
There was a paper about this, but I am at a loss to find it. One can
go even farther back to "An Analysis of TCP Processing Overhead",
Clark, Jacobson, Romkey and Salwen in 1989 which states "The protocol
itself is a small fraction of the problem".
http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.75.5741
Back to crypto please.
Nico
--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com