Hi,

On 02-04-2021 20:16, Gert Doering wrote:
> Your patch has been applied to the master branch.
> 
> I have never looked into this reliable stuff before, and do not have
> a test environment with a) significant amounts of control plane traffic,
> and b) "just the right amount" of packet loss.  So I've just stared at
> the code a bit (seems reasonable) and tested client side on Linux
> (works).

Thanks!

> I do wonder a bit under which condition this could fire - with the
> larger control channel packets we introduced a few years ago, I do
> not see many scenarios where "more than 3 packets" could be in-flight
> at the same time...  inital TLS handshake with very large DH groups?

This was written in the context of our post-quantum crypto experiments
with OpenVPN. Post-quantum (pub)keys are typically larger than
traditional keys. So yes, large keys / paramters is one example.

Another one would be someone pushing large amounts of routes. I recall
ValikSS had such a use case. I've also seen companies push a lot of
routers to have high-volume traffic (e.g. video conferencing, cloud
storage) bypass the VPN.

-Steffan


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to