OpenVPN TCP vs UDP
Derek Atkins
warlord at MIT.EDU
Thu Jul 12 13:11:50 EDT 2007
"Thomas Charron" <twaffle at gmail.com> writes:
> But from a practical standpoint, it only *really* makes a difference
> when you have massive packet loss on a link. This is why most people
> who DO use it don't see the huge deal, because the majority of the
> time, packet loss isn't a problem.
Well, if by "massive" you mean "5%", then sure. Packet loss as little
as 5% can set off the cascading TCP congestion control problem.
Granted, it's not as bad as it COULD be -- the network just stops
working completely when you get up to 20% loss.
> There is, however, also the issue of TCP connections requiring more
> overhead to provide a connection then UDP. On the other hand, passing
> TCP connections thru a NAT is much easier then getting inbound UDP
> packets to get thru.
All depends on your NAT gateway. There are ways to make it work.
Most NAT gateways work just fine with bi-directional UDP protocols.
You just need to make sure you have NAT keepalives in order to keep
the mappings open. It's really not much of a problem if you plan for
it, and the added value of running this technology over UDP vastly
outweighs the issues you can get running it over TCP.
Just my $0.02, but it was a very hard-earned $0.02! ;)
> -- Thomas
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the gnhlug-discuss
mailing list