OpenVPN bridging with only one interface?

Ben Scott dragonhawk at gmail.com
Thu Feb 9 11:26:00 EST 2006


On 2/9/06, Bill McGonigle <bill at bfccomputing.com> wrote:
> Also note the current release of OpenSSH provides layer 2/3 VPN
> functionality.

  Interesting.  A quick check shows that it's still TCP based. 
Running a layer 3 tunnel over TCP tends to suck a lot in a number of
situations (lots of UDP; packet loss; high latency).

  I've just been putting OpenVPN into production deployment myself. 
In general, I find it works impressively well.  I guess the X.509
certificate setup confuses a lot of people, but I already know far too
much about that (thanks to IPsec), so that didn't faze me.  I'm still
seeing some issues with path-MTU-discovery brain-damage on the
Internet in general, but that's a universal problem.

-- Ben



More information about the gnhlug-discuss mailing list