[karp] BFD Authentication costs

"Joel M. Halpern" <jmh@joelhalpern.com> Wed, 31 July 2013 11:31 UTC

The presentation on the cost of BFD authentication was interesting.  And 
the suggestion from the crypto folks that there are far more efficient 
mechanisms is clearly worth looking at.

But a related question occurred to me.

In practice, on most devices, when BFD is run at low intervals it is 
done directly on the line card.  Doesn't this mean that in most 
topologies the number of sessions is roughly the same as the number of 
physical ports on the device?