Top Posting:
UDP is preferred vs TCP because of TCP inside TCP issues - e.g. TCP sliding
window ACK inside another TCP sliding window ACK. As packet loss increases,
this becomes a huge problem. Essentailly, you have TCP stream inside the OVPN
tunnel, and it's being ferried to the remote site/client. And the outside
tunnel is also a TCP connection. All the "benefits" of TCP connections,
essentially can become problems with having a TCP inside TCP conntection.
Rather than rehash it all - here's a decent link that describes some of the
problems:
http://sites.inka.de/bigred/devel/tcp-tcp.html
I don't have any authoritative thoughts on why TCP would work when UDP doesn't,
but one thing that comes to mind is MTU size. If the MTU size was too large,
UDP will simply fail. TCP *should* [but may not always] get a fragmentation
notification telling the sender to fragment the packets down to fit through a
smaller than expected MTU in the connection.
Do some searches on MTU/MSS and see if you can determine if your pathway has a
smaller than expected MTU. PPPoE is one specific case where MTU's are smaller
because of the PPPoE overhead.
Some good reading re: MTU/MSS. [Not carefully vetted, just quick perusal seems
to indicate they might be useful reading.]
https://supportforums.cisco.com/t5/lan-switching-and-routing/mtu-mss-and-tcp-window-size/td-p/2966099
https://learningnetwork.cisco.com/thread/91863
-Greg
We’ve just tried TCP and the issue has gone away.
Can anyone tell me why this happens? Also, what’s the reason for UDP being
preferred over TCP?
Thanks.
-Stuart
[SNIP]
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users