tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: TCP timestamp starting value



On Tue, Jul 26, 2016 at 12:09:04PM +0200, Joerg Sonnenberger wrote:
> 
> MD5 or any other cryptographic hash.

I think this is too expensive.  Consider a system which initiates 300,000
TCP connections per second (I have built NetBSD-based products that were
in this ballpark, at least as a design goal).  With IPv6 addresses, that
is 40 bytes per connection, or 12MB/sec of MD5.

That's between 5% and 10% of a modern CPU core.  Using a modern cryptographic
hash would make it much worse.  Do we really want to burn that for this
reason?

Thor


Home | Main Index | Thread Index | Old Index