----- Original Message -----
From: "Brandon Martin" <lists.nanog@monmotha.net>
The nice thing is that such emergency alerts don't require confidentiality and can relatively easily bear in-band, application-level authentication (in fact, that seems preferable to only using session-level authentication). That means you could easily carry them over plain HTTP or similar which removes the TLS overhead you mention.
Sure. Just signing the alert packet so it can be authenticated is plenty.
Several GB of RAM is nothing for a modern server, of course. It sounds like you'd probably run into other scaling issues before you hit memory limitations needed to juggle legitimate TCP connection state.
Well, yeah, but I don't know that it's *just* RAM; I suspect it might be data structure as well... Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274