Home page logo
/

nanog logo nanog mailing list archives

RE: VoIP over IPsec
From: "David Luyer" <david () luyer net>
Date: Wed, 19 Feb 2003 01:04:24 +1100


Iljitsch van Beijnum wrote:

So if the router uses tunnel mode (as per the RFC) despite the GRE
tunnel the packet has three IP headers... So that's 160 bits ethernet
layer 1 + 18 bytes ethernet layer 2 overhead, 24 bytes for the GRE
tunnel, 20 bytes for the IPsec tunnel mode IP header, 10 - 12 
bytes for
the ESP header, 16 bytes for the initialization vector, 20 
bytes for the
original IP header and finally 20 bytes for the RTP header. With a 40
byte payload that adds up to 188 bytes on the wire of which 78% is
overhead...

...leaving a dream of RTP as true and presumably light-weight
protocol, as per rfc753, 759, 760, 761, 793, etc.  Was this RTP
the protocol under NVP (as per rfc741)?  It was mentioned in
documents before UDP (first mentioned in rfc755 and defined in
rfc768), but I don't see any RFC ever defining it, and it doesn't
have a protocol number assigned in the early assigned number RFCs
(eg. rfc755, which is after UDP was conceived but before anything
was removed or re-used from the early allocations).

Of course that won't help the other overheads.  And there's still
a lot of the internet where you'd want to add cell tax then block
up to the next 53 bytes... do we have 90% overhead yet? ;-)

It's interesting that the original 'ST' and 'RTP' were thought of
in 1979 and 1981, but it was 1990 before 'ST-II' (rfc1190) and
1996 by the time the actual RTP was formalized (rfc1889, where it
is mentioned as being "typically [..] on top of UDP", but the option
is left open that it could be used directly as a protocol on top
of IP).  I'm sure I was using (commonly available) voice over
the 'net before 1996, but I think it was a horrible application
which sent duplicate UDP packets in the expectation of dropped
packets... probably still with less overhead than today's VoIP
over GRE over IPsec over EoMPLS over ATM type designs, despite the
packet duplication...

David.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]