large scale ipsec

Christopher Morrow morrowc.lists at
Fri Nov 1 15:07:47 UTC 2013

On Fri, Nov 1, 2013 at 10:30 AM, David Barak <thegameiam at> wrote:
> Hi Jan,
> Please define "large scale".  Is that by number of endpoints, throughput, or some other metric?  How big is big?

it's fair to believe that there are 'lots' of ipsec deployments where
there are ~1000 or so endpoints (network endpoints) connected in a
'vpn'. There are also certainly large volume ipsec deployments (I
recall an ipsec vpn problem at a former company for a single 400mbps
'flow' between endpoints, maybe david remembers this as well).

One might look at MS's documentation about deploying end-to-end ipsec
in their enterprise for one example of peer-to-peer ubiquitous ipsec.

it'd sure be helpful to have some dimensions to the OP's question though.


More information about the NANOG mailing list