[nsp] MD5 causes bigger problem than it fixes?

[Dan Hollis]

On Wed, 21 Apr 2004, Niels Bakker wrote:
> >>    - I'd really like something better than "have your upstreams
> >>      filter,"
> >> is there a solution to protect against this issue?
> > BGP-over-IPSEC ?
> Same CPU issue as MD5, is it not?  For directly connected sessions
> there's the TTL hack (if Juniper implements it soon too, at least).
> No router is bad at dropping packets, but performance, as always, varies.

I cant imagine GTSM taking more CPU than MD5. GTSM also means you don't 
have to juggle thousands of keys.

-Dan