nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Interesting BFD discussion on reddit

From: Saku Ytti <saku () ytti fi>
Date: Mon, 16 Feb 2015 14:46:22 +0200
On (2015-02-16 08:55 +0530), Glen Kent wrote:

Hey,


You might want to take a look at:
http://www.ietf.org/proceedings/89/slides/slides-89-mpls-9.pdf

Look at the slides 11 onwards.

Doing HMAC calculation for each packet adversely affects the number of
concurrent sessions that can be supported.


I don't understand the slidedeck. Lets take slide 13, 'hardware support' for
authentication.
Why in quotes? What hardware is doing the hashing here? Which hash algo? How
many cycles per byte for BFD how many more for BFD with algoX?

On x86 CPUs it's anything from 1 to 20 cycles per byte, depending on hash
algorithm, but HW implementation would be much more efficient.
Of course if HW is done serial to the BFD receive/send, then there is non-zero
performance cost regardless of how fast the HW is.
Separate parallel HW implementation is probably not practical today, as you'd
need to use what ever primitives your NPU has? So practical question would
ask, what algo is implementable in Trio/EZchip and how would it impact the
cycles per BFD packet?

Page 14 appears to be only slide doing HW in auth, but I can't be sure, as
first example claims 'auth in soft', second does not. Is there only one
example in whole slidedeck with auth in hardware, if so, how come ratio in the
first example and last examaple in page 14 is same 1/8th, implying HW brings 0
benefit?

-- 
  ++ytti
Previous By Date Next
Previous By Thread Next

Current thread: