Steve -- I asked my colleague, Professor Hari Balakrishnan, also of MIT's Laboratory for Computer Science, about IP packet sizes. He said: "I think they first issue to be aware of is that packet sizes on the Internet are highly bi-modal (actually multi-modal). Many packets are small, about 40 bytes or 52 bytes (TCP acknowledgments without and with the timestamp option). The next interesting size is around 552 bytes (actually it is a spread in the 552-576 bytes region). 576 bytes corresponds to default-sized IP datagrams. The third mode is around 1500 bytes, corresponding to Ethernet MTUs, and since most paths on the Internet can handle this size, many end-to-end connections have packets of this size. There is a fourth much-smaller mode around 4KBytes, corresponding to the FDDI MTU." "Anyway, if you factor all this in it all comes down to an average of about 350-450 bytes per packet. But the odds of seeing a 400-byte packet when snarfing packets at a backbone at random are slim indeed (HTTP requests and last packets of streams)! "There is a paper from IEEE Network 1998 that has detailed data and analysis from the MCI backbone of 1997. More recent data, which doesn't really alter any of the above qualititative statements I've made, can be found at the NLANR web site. They have tons of data from the fairly busy FIX-West backbone point in San Diego." "See http://moat.nlanr.net/PMA/ for more details, some extremely gory!" "To first order, I would use the 576 bytes number. The future wired Internet in 4-5 years is more likely to be larger, for 2 reasons: - with path MTU discovery becoming more widely implemented, we are tending towards 1500 byte MTUs - If IPv6 gets more widely deployed as is possible, its minimum MTU is on the order of 1280 or 1380 bytes." "Small packets (like ACKs) are likely to remain 40 or 52 bytes with IPv4 and about 60 or 72 bytes for TCP/IPv6 (my guess)." This supports my earlier perception that average IP packet sizes seem to be increasing with time, and are likely to continue to do so, making subkey generation time even less of a concern as time goes on... Cheers, Ron
