Hi,

On Tue, Jun 05, 2018 at 08:05:40PM -0500, Derek Zimmer wrote:
> The openvpn protocol does error checking and recovery on the data channel,
> right? 

There's "control packets" and "data packets" in "the openvpn protocol".

For Control, we do all of it - windowing, pacing, re-sending, ... - but 
this is just TLS, keying, authentication session setup, parameter negotiation
(and our control channel is fairly slow due to a fairly simplistic approach 
to all of this - good enough for the ~10-20kbyte initial handshake, but
not for serious amounts of data).

For Data mode ("tun -> openvpn -> network -> openvpn -> tun"), we do
error checking.  As in "if the packet does not pass authentication,
complain and drop it".  (We *might* do a sequence number check to drop
out of order packets.)

We do not do "recovery", as in "buffering, windowing, ACKing, re-sending 
broken or lost packets".

> How is that handled? Or am I mistaken and it is all handled through
> the regular TCP protocol that is operating inside of the VPN tunnel.

This :-)

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             g...@greenie.muc.de
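
A sketch of the data-channel behaviour described in the message above: authenticate, optionally check the packet id, drop on failure, never re-send. This is an added example, not OpenVPN code and not from the original mail; the framing (8-byte packet id, payload, HMAC-SHA256 tag), the key, the window size and all names are assumptions made for illustration and do not match OpenVPN's wire format.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed sample key, not a real secret
TAG_LEN = 32                    # HMAC-SHA256 tag length
WINDOW = 64                     # assumed replay-window size for this sketch


def seal(packet_id: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender side: packet_id || payload || HMAC(packet_id || payload)."""
    body = struct.pack("!Q", packet_id) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Checks and drops only: no ACKs, no buffering, no re-send requests."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.highest = 0      # highest packet id accepted so far
        self.seen = set()     # accepted ids still inside the window
        self.delivered = []   # payloads handed on to the tun side

    def receive(self, packet: bytes) -> str:
        if len(packet) < 8 + TAG_LEN:
            return "drop: truncated"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "drop: authentication failed"
        (packet_id,) = struct.unpack("!Q", body[:8])
        if packet_id + WINDOW <= self.highest or packet_id in self.seen:
            return "drop: replayed or too old"
        self.highest = max(self.highest, packet_id)
        self.seen = {i for i in self.seen if i + WINDOW > self.highest}
        self.seen.add(packet_id)
        self.delivered.append(body[8:])
        return "accept"


def demo() -> list:
    rx = Receiver()
    p1, p2, p3 = (seal(i, b"seg%d" % i) for i in (1, 2, 3))
    corrupted = p2[:10] + bytes([p2[10] ^ 0x01]) + p2[11:]  # bit flipped in transit
    # p2 arrives damaged and the tunnel never re-sends it; p1 is then replayed.
    return [rx.receive(p) for p in (p1, corrupted, p3, p1)]
```

After `demo()` the payload of packet 2 is simply missing on the receiving side; recovering it is left to the TCP connection running inside the tunnel.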
