On Wed, 20 Jun 2001 [EMAIL PROTECTED] wrote:
> Pretty good stats. But please remember to take them with a grain of
> salt. For starters, 64 byte packet size are really small, and
> checkpoint isn't going to be doing much, if any, examination of the
> payload. Secondly, this is udp data, so there is no state information
> to be maintained or checked.
don't forget that ATM uses fixed length cells (not even packets) of 53
bytes. 5 byte header and 48 bytes of payload per cell. so, this whole
question of packet size when measuring performance is moot.
don't forget that the header doesn't contain much information about the
connection, just identifiers for the paths and channels. an ideal ATM
firewall would be able to examine the header and the table on the ATM
switch containing paths, channels, and ATM end node addresses and make
decisions based on this information.
and does it suport MPLS? QoS?
cisco has a good set of documentation on ATM (including CLIP, LANE, PVCs
etc ...), IBM has a great redbook on ATM, and various other high
performance networking discussions include ATM.
in short to really make use of it you'll need a firewall really designed
for ATM, as people are saying.
FWIW, a brief into to ATM can be found here:
http://vulcan.ee.iastate.edu/~dougj/ATM/cells.html
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
