B.Candler at pobox.com
Fri Dec 30 04:17:12 PST 2005
On Thu, Dec 29, 2005 at 01:38:15PM +0100, VANHULLEBUS Yvan wrote:
> > "Known issues:
> > - Non-threaded implementation. Simultaneous key negotiation performance
> > should be improved."
> > I think that would limit its usefulness as a scalable concentrator, if the
> > comment is still valid.
> The comment is still valid, but impact is not so strong.
> Key negociations doesn't happen so much during an IPSec tunnel
> lifetime, and negociating simultaneous SAs will be slow even with a
> multi-threaded implementation if you have a low-end CPU.
You could have a crypto accelerator card even in a low-end CPU.
My concern is with long network RTTs to the clients, and packet loss.
Anything like that which slows down the exchange will block out other
clients from negotiating, if I understand rightly.
With 10,000 clients and a phase 2 SA lifetime of one hour, that's a lot of
negotiations going on, and one badly-behaved connection could cause a
backlog of outstanding SA negotiations and probably a meltdown.
Another issue is with DoS. Is it possible for an attacker to start an IKE
exchange and get sufficiently far through it that they can block out other
negotiations, before getting to the point of needing to provide valid
More information about the freebsd-net