IKEv1 product so it would have
been great to know where proprietary solutions stand relatively
speaking. Any pointers would be greatly appreciated.
-Original Message-
>From: Yoav Nir
>Sent: Nov 18, 2009 10:49 PM
>To: " "
>Cc: "ipsec@ietf.org"
>Subject:
What Dan and Gregory said.
But assuming an unloaded gateway, with "normal" hardware (Any Intel, AMD or
PowerPC processor from the last 10 years or a recent ARM), then even if you use
relatively secure parameters (2048-bit DH group, 2048-bit RSA keys) the round
trip time is going to dominate. Th
On Wed, Nov 18, 2009 at 10:00:22AM -0800, Gregory Lebovitz wrote:
> Additionally it will depend on the round trip time across the network
> between the two peers.
Ahh, of course.
> Vendors who are selling network boxes that can do a large number of
> simultaneous IKE negotiations tend to care mor
Additionally it will depend on the round trip time across the network
between the two peers.
Vendors who are selling network boxes that can do a large number of
simultaneous IKE negotiations tend to care more about simultaneous IKE SA
negotiations per second than they do the actual negotiation tim
On Tue, Nov 17, 2009 at 11:31:45PM -0700, hyla81...@mypacks.net wrote:
> Greetings. Is there any data out there that quantifies how long a typical
> IKEv1 session (main mode and/or aggressive mode) take to complete?
I don't think anyone's done a thorough survey of implementations or
parameters t
Greetings. Is there any data out there that quantifies how long a typical IKEv1
session (main mode and/or aggressive mode) take to complete?
Hyla
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec