nanog mailing list archives
RE: VoIP over IPsec
From: "David Luyer" <david () luyer net>
Date: Wed, 19 Feb 2003 01:04:24 +1100
Iljitsch van Beijnum wrote:
So if the router uses tunnel mode (as per the RFC) despite the GRE tunnel the packet has three IP headers... So that's 160 bits ethernet layer 1 + 18 bytes ethernet layer 2 overhead, 24 bytes for the GRE tunnel, 20 bytes for the IPsec tunnel mode IP header, 10 - 12 bytes for the ESP header, 16 bytes for the initialization vector, 20 bytes for the original IP header and finally 20 bytes for the RTP header. With a 40 byte payload that adds up to 188 bytes on the wire of which 78% is overhead...
...leaving a dream of RTP as true and presumably light-weight protocol, as per rfc753, 759, 760, 761, 793, etc. Was this RTP the protocol under NVP (as per rfc741)? It was mentioned in documents before UDP (first mentioned in rfc755 and defined in rfc768), but I don't see any RFC ever defining it, and it doesn't have a protocol number assigned in the early assigned number RFCs (eg. rfc755, which is after UDP was conceived but before anything was removed or re-used from the early allocations). Of course that won't help the other overheads. And there's still a lot of the internet where you'd want to add cell tax then block up to the next 53 bytes... do we have 90% overhead yet? ;-) It's interesting that the original 'ST' and 'RTP' were thought of in 1979 and 1981, but it was 1990 before 'ST-II' (rfc1190) and 1996 by the time the actual RTP was formalized (rfc1889, where it is mentioned as being "typically [..] on top of UDP", but the option is left open that it could be used directly as a protocol on top of IP). I'm sure I was using (commonly available) voice over the 'net before 1996, but I think it was a horrible application which sent duplicate UDP packets in the expectation of dropped packets... probably still with less overhead than today's VoIP over GRE over IPsec over EoMPLS over ATM type designs, despite the packet duplication... David.
Current thread:
- Re: VoIP over IPsec, (continued)
- Re: VoIP over IPsec Petri Helenius (Feb 16)
- Re: VoIP over IPsec Jared Mauch (Feb 17)
- Re: VoIP over IPsec Stephen Sprunk (Feb 16)
- Re: VoIP over IPsec Steven M. Bellovin (Feb 17)
- Re: VoIP over IPsec Charlie Clemmer (Feb 17)
- Re: VoIP over IPsec Stephen Sprunk (Feb 17)
- Re: VoIP over IPsec Steve Feldman (Feb 17)
- Re: VoIP over IPsec Iljitsch van Beijnum (Feb 17)
- Re: VoIP over IPsec Petri Helenius (Feb 17)
- Re: VoIP over IPsec Iljitsch van Beijnum (Feb 18)
- RE: VoIP over IPsec David Luyer (Feb 18)
- RE: VoIP over IPsec Vadim Antonov (Feb 18)
- Re: VoIP over IPsec Stephen Sprunk (Feb 18)
- Re: VoIP over IPsec Iljitsch van Beijnum (Feb 18)
- Re: VoIP over IPsec Vadim Antonov (Feb 18)
- Re: VoIP over IPsec Iljitsch van Beijnum (Feb 17)
- Re: VoIP over IPsec Petri Helenius (Feb 16)
- Re: VoIP over IPsec Kurt Erik Lindqvist (Feb 18)