Hi, on Roaming: I have quite good experience with roaming when using unencrypted wifi and securing it with OpenVPN. In this setup you have your access point connected to a firewall (with OpenVPN installed) and do encryption from wifi device to the OpenVPN enabled firewall instead of to the AP.
> What encryption settings? It makes a difference here.
So here my short hint to people who use an unencrypted AP and have
OpenVPN set up to secure the communication of their own devices.
Do not use OpenVPN over TCP for the reasons Kalle already mentioned.
TCP thinks that paket loss is
a) a faulty connection
b) bandwith is exceeded
So TCP will slow down the connection to a minimum and raise the speed
slowly until there are errors. TCP is good for wire networks but does
not perform that well in wifi networks in the default setup.
So if you use UDP for you OpenVPN there is no TCP messing with your
connection and due to the UDP Protocol OpenVPN needs to handle the
retransmissions which it does quite well :)
I get about 20 to 30 Mbit (802.11g) throughput when using OpenVPN over
UDP instead of about 5 Mbit throughput when using OpenVPN over TCP (this
is measured using nload on my laptop when down and uploading files
from/to my samba fileserver)
Why not use WPA? Cheap access point to not allow for virtual APs
So you can't have WPA for your devices and still offer free unecrypted
access to the internet for anyone else.
Why connecting the APs to the Firewall and not to the internal network?
On the Firewall you can block all traffic from the wifi devices to your
internal network and allow it if they are connected by openvpn.
You still could allow non-openvpn devices to connect to the outside
world (internet) but not to your hosts.
HTH somebody :-)
cya,
Michael
PS. I have read VNC many times already, in most cases I wonder why not
using FreeNX for that?! Has anyone ported the client, yet?
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
_______________________________________________ maemo-developers mailing list maemo-developers@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-developers
