From: Todd Goodman <tsg@bonedaddy.net>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Recommended VPN Tunnel client?
Date: Fri, 10 Feb 2012 13:22:27 -0500 [thread overview]
Message-ID: <20120210182227.GW7675@ns1.bonedaddy.net> (raw)
In-Reply-To: <CA+czFiBTL_s4oGkGZjeGgGAzB1q2gv1OtWRtuHty7sqUpk_ZYg@mail.gmail.com>
* Michael Mol <mikemol@gmail.com> [120210 12:51]:
[..]
> That's what I was talking about. Where I work, we use OpenVPN,
> operating in UDP mode. This is after several bad experiences using it
> in TCP mode.
>
> By "UDP mode" and "TCP mode", I mean OpenVPN's connections to other
> OpenVPN nodes were in UDP or TCP, respectively. When OpenVPN's
> connections operate over TCP (and thus it gets guarantee'd delivery),
> you can create a situation where a tunneled TCP connection attempts to
> push data faster than your Internet connection can allow because it
> never gets any congestion feedback; OpenVPN was accepting packets
> faster than it could shove them through, and was buffering the rest.
So obviously OpenVPN wasn't handling congestion appropriately and should
have been using some queueing discipline to discard instead of letting
transmit queues grow unbounded.
But switching to UDP from TCP just pushes the problem off your OpenVPN
gateway and onto the "outside" network.
If you're really receiving more traffic than can be sent over the
"outside" network, now you're relying on intermediate routers to "do the
right thing" with your excess UDP traffic and most likely impacting TCP
traffic through the same router.
Todd
next prev parent reply other threads:[~2012-02-10 18:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-10 3:48 [gentoo-user] Recommended VPN Tunnel client? Pandu Poluan
2012-02-10 4:42 ` [gentoo-user] " Pandu Poluan
2012-02-10 15:04 ` Mick
2012-02-10 16:46 ` Pandu Poluan
2012-02-10 17:13 ` Michael Orlitzky
2012-02-10 17:29 ` Pandu Poluan
2012-02-10 17:40 ` Michael Mol
2012-02-10 18:05 ` Pandu Poluan
2012-02-10 18:20 ` Michael Mol
2012-02-10 18:22 ` Todd Goodman [this message]
2012-02-10 19:07 ` Michael Mol
2012-02-10 19:21 ` Todd Goodman
2012-02-10 20:12 ` Michael Mol
2012-02-10 18:36 ` Michael Orlitzky
2012-02-10 20:14 ` Michael Orlitzky
2012-02-10 22:52 ` wdk@moriah
2012-02-10 15:12 ` [gentoo-user] " Michael Mol
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120210182227.GW7675@ns1.bonedaddy.net \
--to=tsg@bonedaddy.net \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox