> > > > I wonder if Trio, EZChip and friends could do SHA in NPU, my guess is yes > they > could, but perhaps there is even more appropriate hash for this use-case. > I'm not entirely convinced doing hash for each BFD packet is impractical. > > [0] http://www.ietf.org/id/draft-mahesh-bfd-authentication-00.txt
You might want to take a look at: http://www.ietf.org/proceedings/89/slides/slides-89-mpls-9.pdf Look at the slides 11 onwards. Doing HMAC calculation for each packet adversely affects the number of concurrent sessions that can be supported. Glen. > > -- > ++ytti >