I vote for Patrick's idea of allowing the end user to remote into a machine where the SQL resides.
This would eliminate a lot of potential issues....wish I had thought of that first!!! > Subject: RE: VPN over slow Internet connections > Date: Thu, 21 Apr 2011 13:10:09 -0400 > From: [email protected] > To: [email protected]; [email protected] > > > There's not that much overhead--your certs should be ok. TCP for SQL would > just make sense. I personally wouldn't want to do what you are > contemplating. Here's some stuff to think about: > > 1. your modems will not be able to do compression. You can't easily > compress random data (e.g. encrypted). > 2. you won't get 33.6 unless your phone lines are pristine. You better plan > on 28.8--if you are lucky. > 3. I would hone my SQL sharply so it produces the smallest most relevant > data sets possible. > > 4. you might want to give them some kind of termnial/shell access for doing > their SQL remotely, instead of from home. Telnet or SSH. If you used SSH > you could obviate using a separate VPN, you could use -C for compression, and > you could do your SQL on the server side (or the on-site side)--all in all a > speedier alternative. > > --Patrick Darden > > > -----Original Message----- > From: Ben Whorwood [mailto:[email protected]] > Sent: Thursday, April 21, 2011 12:56 PM > To: [email protected] > Subject: VPN over slow Internet connections > > > Dear all, > > Can anyone share any thoughts or experiences for VPN links running over > slow Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)? > > We are looking into utilising OpenVPN for out-of-office workers who > would be running mobile broadband in rural areas. Typical data across > the wire would be SQL queries for custom applications and not much else. > > Some initial thoughts include... > > * How well would the connection handle certificate (>= 2048 bit key) > based authentication? > * Is UDP or TCP better considering the speed and possibility of > packet loss (no figures to hand)? > * Is VPN over this type of connection simply a bad idea? > > Many thanks in advance. > > Kind regards, > Ben Whorwood > >
