Comments

Copyright © 2011 Glyndŵr University and the authors, all rights reserved. This paper was first presented at The 4th International Conference on Internet Technologies and Applications, Glyndwr University September 6-9, 2011, Wrexham, UK and published in the conference proceedings by Glyndŵr University.

Permission to copy, reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from Glyndŵr University. By choosing to view this document, you agree to all provisions of the copyright laws protecting it. It is published here with the permission of the Authors the conference website can be viewed at http://www.ita11.org/index.html and the full proceedings are available to purchase at http://bit.ly/NePm1F

Abstract

The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes however this has a negative effect on performance since it introduces a delay associated with packet filtering. Recommended techniques for network design imply that every packet should be checked at the first possible ingress points of the network. When access control lists (ACL's) are used within a router for this purpose then there can be a significant overhead associated with this process. The purpose of this paper is to consider the effect of delays when using router operating systems offering different levels of functionality. It considers factors which contribute to the delay particularly due to ACL. Using theoretical principles modified by practical calculation a model is created for packet delay for all nodes across a given path in a domain.

Disciplines

Computer and Systems Architecture | Digital Communications and Networking | Hardware Systems | Systems and Communications

Recommended Citation

Davies, J.N, Comerford, P. and Grout, V. (2011) Optimization of delays experienced by packets due to ACLs within a domain” [Paper presented to The 4th International Conference on Internet Technologies and Applications, Glyndwr University held at Glyndŵr University, 6-9th September, 2011]. Published in the Conference Proceedings pp. 277-284.