From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-134747-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1RvvLd-0005K3-Kb
	for garchives@archives.gentoo.org; Fri, 10 Feb 2012 18:37:30 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id DFBA4E0648;
	Fri, 10 Feb 2012 18:37:20 +0000 (UTC)
Received: from mail2.viabit.com (mail2.viabit.com [65.246.80.16])
	by pigeon.gentoo.org (Postfix) with ESMTP id A4A03E0587
	for <gentoo-user@lists.gentoo.org>; Fri, 10 Feb 2012 18:36:16 +0000 (UTC)
Received: from [10.1.1.204] (unknown [65.213.236.244])
	(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail2.viabit.com (Postfix) with ESMTPSA id 10D5A3837E
	for <gentoo-user@lists.gentoo.org>; Fri, 10 Feb 2012 13:36:11 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=orlitzky.com; s=mail2;
	t=1328898975; bh=NOeHYrMqyjAcbROd3i297CsgYGJDG0kKVQHXckH7eAo=;
	h=Message-ID:Date:From:MIME-Version:To:Subject:References:
	 In-Reply-To:Content-Type:Content-Transfer-Encoding;
	b=A4hUPsjcyhaUPluMYWdZP97W2Ov0ei3KnWHTHIyDHwIV4ndbjNwWQG8oskXIMsIXz
	 OnFmVzjiY0iaKR2dPifVNcfCk6NoXJ0QcYQXOHsSYypq4HkAofVcLmhWJXy0HHnT9P
	 5YUbPUheWADDxKDmUgzFEwno3BK5TF2jMiP+TfCs=
Message-ID: <4F356399.7030304@orlitzky.com>
Date: Fri, 10 Feb 2012 13:36:09 -0500
From: Michael Orlitzky <michael@orlitzky.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20120116 Thunderbird/9.0
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Recommended VPN Tunnel client?
References: <CAA2qdGUVF7Vx+=kqU97j3qbjN0oRw-0dEqbOc4ffzJpY_dQneA@mail.gmail.com> <CAA2qdGUL622yHY39d8NqSRw5XxcGrz_T6dpcJ6cmwKNx8S9dPg@mail.gmail.com> <201202101505.06700.michaelkintzios@gmail.com> <CAA2qdGXyGJh55Ozj2HwrVs9aFMQsuwhhFZvKVqSQhf9Yasj0ig@mail.gmail.com> <4F355057.4050101@orlitzky.com> <CAA2qdGX7nf+5RDa-MMKy9JHCu+ZbyBFOoJ=NS_G5QL3Tx_ckTw@mail.gmail.com> <CA+czFiDYEB=aWwuRN9cJ6JJTNLYCXJT08EYbYrdu6BSFaG8sMA@mail.gmail.com> <CAA2qdGVe-wm3Gx70hXNiNLdV-nKdjgVhZf30dm0HWrLkhnn5pg@mail.gmail.com>
In-Reply-To: <CAA2qdGVe-wm3Gx70hXNiNLdV-nKdjgVhZf30dm0HWrLkhnn5pg@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Archives-Salt: c3d3804b-9b66-4056-aaa6-0ea486ad2ac8
X-Archives-Hash: 226ecd69f0f3030ffbed711986183e33

On 02/10/12 13:05, Pandu Poluan wrote:
> 
> No, no, no. What I meant was running TCP and UDP *on top of* OpenVPN
> (which uses UDP).
> 
> HAproxy seems to be able to perform its magic with TCP connections.
> 

I was about to say that we use it over UDP, but... we don't. We have a
small number of clients, maybe ten(?) that use the VPN for remote
administration.

UDP is recommended, references[1] are easy to google. Why we're running
it over TCP I don't know. I must have had a good reason =)

It performs fine anyway, but now I'm considering flipping it to UDP to
see what happens. At least I'll be in the office when it breaks.



[1] http://sites.inka.de/sites/bigred/devel/tcp-tcp.html