OpenVPN TCP vs UDP
Derek Atkins
warlord at MIT.EDU
Thu Jul 12 12:50:45 EDT 2007
"Drew Van Zandt" <drew.vanzandt at gmail.com> writes:
> I saw the various discussions of OpenVPN TCP vs. UDP on the list, and in
> particular saw some people saying "TCP over TCP is bad, avoid unless
> necessary" and others saying "That's only under rare circumstances." I
> switched the work VPN from TCP (which it has been for almost a year) to UDP,
> and users at remote offices are reporting that operations which formerly took
> 10-12 seconds (opening a file on a network share) now take <1 second. I
> thought that was worth mentioning on-list...
TCP over TCP *is* bad because you're running the congestion control
portions twice and they interact BADLY. If you have any (real)
congestion or packet loss, TCP over TCP will just lose very badly.
I've tested this in many different configurations in a former job
when I was running ppp over ssh and let me tell you I was SO much
happier once I switched to SSH port forwarding!
> --DTVZ
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the gnhlug-discuss
mailing list