Optimization of delays experienced by packets due to ACLs within a domain

Davies, John N, Comerford, Paul and Grout, Vic (2011) Optimization of delays experienced by packets due to ACLs within a domain. In: UNSPECIFIED.


Download (369kB) | Preview


The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes however this has a negative effect on performance since it introduces a delay associated with packet filtering. Recommended techniques for network design imply that every packet should be checked at the first possible ingress points of the network. When access control lists (ACL's) are used within a router for this purpose then there can be a significant overhead associated with this process. The purpose of this paper is to consider the effect of delays when using router operating systems offering different levels of functionality. It considers factors which contribute to the delay particularly due to ACL. Using theoretical principles modified by practical calculation a model is created for packet delay for all nodes across a given path in a domain.

Item Type: Conference or Workshop Item
Additional Information: Copyright © 2011 Glyndŵr University and the authors, all rights reserved. This paper was first presented at The 4th International Conference on Internet Technologies and Applications, Glyndwr University September 6-9, 2011, Wrexham, UK and published in the conference proceedings by Glyndŵr University. Permission to copy, reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from Glyndŵr University. By choosing to view this document, you agree to all provisions of the copyright laws protecting it. It is published here with the permission of the Authors the conference website can be viewed at http://www.ita11.org/index.html and the full proceedings are available to purchase at http://bit.ly/NePm1F
Keywords: Routing, Domain, Performance, Delay through Routers, Access Control List, Firewalls, Inter-Firewall Optimisation, IP packet filtering
Divisions: ?? GlyndwrUniversity ??
Depositing User: ULCC Admin
Date Deposited: 17 Jul 2012 00:12
Last Modified: 11 Dec 2017 20:07
URI: https://glyndwr.repository.guildhe.ac.uk/id/eprint/3808

Actions (login required)

Edit Item Edit Item