06-21-2006 09:31 AM - edited 02-21-2020 02:29 PM
I have two branches connected via 1M leased line and utilization on the link is 80%
I would to implement VPN/IPSec. between these two branches and keep the same utilization percentage on the link
Should I increase the link B.W. ?
Is there any formula to calcualte the required B.W. after IPSec. ?
Anyone can help ?
Regards
Mohamed
06-21-2006 12:56 PM
Hi there Mohamed,
I've always been of the oppinion that 50% utilisation is high and anything over that needs looking at. I would increase the bandwidth.
If you want to IPsec on there too, then there will be an additional overhead for the new encapsulation, but this is on a per packet basis. You packet could be 64bytes or it could be 1500bytes, depending on traffic types. So it can be worked out, but you'll need to know your ave. packet size. Again, increasing the bandwidth will make the additional header irrelevant to a degree.
Regards,
LH
Please rate all posts
06-21-2006 11:14 PM
Hi,
What the percentage of bandwidth should we increase if we take the av. packet size 512byte for example ?
What is the equation ?
Regards
Mohamed
06-22-2006 12:25 AM
Hi there,
Looking at this RFC section 6.3.1 onwards, the additional can be from 52 to 68 bytes, depending on how you apply the IPsec.
http://mirrors.isc.org/pub/www.watersprings.org/pub/id/draft-aboba-ipsra-req-00.txt
So for a 512byte packet, you'll be looking at anything from 10% - 13% of overhead.
Regards,
LH
Please rate all posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide