On 7/12/07, Derek Atkins <[EMAIL PROTECTED]> wrote: > "Drew Van Zandt" <[EMAIL PROTECTED]> writes: > > I saw the various discussions of OpenVPN TCP vs. UDP on the list, and in > > particular saw some people saying "TCP over TCP is bad, avoid unless > > necessary" and others saying "That's only under rare circumstances." I > TCP over TCP *is* bad because you're running the congestion control > portions twice and they interact BADLY. If you have any (real) > congestion or packet loss, TCP over TCP will just lose very badly. > I've tested this in many different configurations in a former job > when I was running ppp over ssh and let me tell you I was SO much > happier once I switched to SSH port forwarding!
But from a practical standpoint, it only *really* makes a difference when you have massive packet loss on a link. This is why most people who DO use it don't see the huge deal, because the majority of the time, packet loss isn't a problem. There is, however, also the issue of TCP connections requiring more overhead to provide a connection then UDP. On the other hand, passing TCP connections thru a NAT is much easier then getting inbound UDP packets to get thru. -- -- Thomas _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/