Christian Hopps writes: > > For very slow tunnels such as your indicating, you are not worried > about out-of-order delivery; just set the reorder window to 0.
We do care about the replays even when we do not care about reorder, so setting reorder window to 0 is not acceptable, as that would effectively also set the replay window to 0, and this > FWIW, the interest we are aware of is for 1GE to 100GE general > purpose tunnels. I assume 1GE, means 1Gbit/s speed, i.e., with 1400 byte packets that means about 100k packets per second, and with 1000 packet replay window (which would be appropriate with that fast link), that means each packet drop adds 1/100 s = 10ms delay until the reorder window clears. Anyways I think this should be mentioned in the draft, even if you do not want to allow sending packets out as they come in, but delay and buffer each packet until window clears. -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
