Some of you may be sick of this thread, but I have found it extremely insightful. Thanks to everyone who has participated.
As far as tun vs. tap is concerned, I've been a little biased towards tun because my only application of OpenVPN so far has been in an environment where tun is really the only way to go. We have three separate subnets which are connected together by an OpenVPN network. The main thing that impressed me with OpenVPN is that it can route everything properly even if the various routers have dynamic VPN IP addresses. The only thing I have to specify in the configuration is that client A is a router for subnet A, client B for subnet B, and so on. The IP address assigned to client A is irrelevent. I thought that that was very cool. Thanks to everyone's input, when I set up my wireless network, I'll probably use tap for it. However, I still have a question about efficiency. I can see, from the various points that have been made, that tap is probably easier to configure for a many-clients network. However, Hans also said that it tap can be faster than tun. I have a hard time seeing that, since tun would avoid ARP packets and other such chatty packets which are commonly found on a subnet. Why would tap be faster than tun? Are there other factors? Thanks. -- Andrew McNabb http://www.mcnabbs.org/andrew/ PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868
pgpul7jRyaXST.pgp
Description: PGP signature
.===================================. | This has been a P.L.U.G. mailing. | | Don't Fear the Penguin. | | IRC: #utah at irc.freenode.net | `==================================='
