Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
432
Views
0
Helpful
3
Replies

SD-WAN Added Latency question

Go to solution
RICHARD MESSINGER
Level 7
Level 7

‎08-07-2024 05:57 AM

customer is asking what the expected latency that will be added by the encryption of traffic through the device?

They are concerned with what either a Viptela or Meraki SD-WAN design would add to the overall latency for traffic.  They are primarily sending and receiving engineering drawings so I imagine that files will be expanded in the encryption process.

Any rule of thumb would be appreciated.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎08-07-2024 06:36 AM

Good question. Much would depend on devices doing actual encrypt/decrypt.

Can say, have used many non SD-WAN encrypted tunnels across Internet for "typical" apps, including (well working) VoIP and VidConf, and (hardware supported) encryption latency never was on my radar.

Regarding encryption expansion, again for non SD-WAN, data was 1:1 but often close to an extra 100 bytes per packet for overhead.  Big files like engineering drawing least impacted by additional overhead.  Small packets, e.g. telnet or TCP ACKs, most impacted.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎08-07-2024 06:36 AM

Good question. Much would depend on devices doing actual encrypt/decrypt.

Can say, have used many non SD-WAN encrypted tunnels across Internet for "typical" apps, including (well working) VoIP and VidConf, and (hardware supported) encryption latency never was on my radar.

Regarding encryption expansion, again for non SD-WAN, data was 1:1 but often close to an extra 100 bytes per packet for overhead.  Big files like engineering drawing least impacted by additional overhead.  Small packets, e.g. telnet or TCP ACKs, most impacted.

0 Helpful

Go to solution
RICHARD MESSINGER
Level 7
Level 7
In response to Joseph W. Doherty

‎08-07-2024 09:58 AM

Thank you.  Just making sure that it is the old engineering answer.  It all depends....

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to RICHARD MESSINGER

‎08-07-2024 10:50 AM

@RICHARD MESSINGER wrote:

Thank you.  Just making sure that it is the old engineering answer.  It all depends....

Indeed, and often very true, too.

BTW, when working with encrypted tunnels, one major issue to avoid was IP fragmentation due to the additional overhead.  I don't know what SD-WAN does about that.

Again, additional latency, due to actual encryption/decryption (hardware supported), was not on my radar.  Big issues, running across the WAN was end-to-end distance based latency, and issues due to congestion.

For something like engineering (CADD?) drawings, they, I recall, may compress well, but that's not usually an implicit feature of encryption, although, also again, regardless of data content, encryption doesn't care, data converted 1 for 1.  Pre-compressed engineering drawings should take less time to convey, end-to-end.  (BTW, encrypted data generally doesn't compress well, if at all, or may even expand!)

Biggest potential downside if transmitting a lot of engineering drawings, they may clog the pipe for all other traffic, unless there's active QoS.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card