Original Message
Subject: VPN over slow Internet connections
From: Ben Whorwood
To: nanog@nanog.org
Date: Thursday, April 21, 2011 11:55:32 AM
> Dear all,
>
> Can anyone share any thoughts or experiences for VPN links running
> over slow Internet connections, typ
On Apr 21, 2011, at 5:28 46PM, Terry Baranski wrote:
> On Apr 21, 2011, at 4:20PM, Steven Bellovin wrote:
>
>> For your application or for the VPN? For the VPN, I *strongly*
>> suggest you use UDP, or you're going to get dueling retransmissions
>> and spend a lot of time sending many copies of
On Thu, 21 Apr 2011 17:55:32 +0100, Ben Whorwood wrote:
IMHO it is not good idea to go to OpenVPN/IPSec/etc level at all (IP
layer at least, and in case of Windows it is also ethernet headers).
First of all OpenVPN for Windows/different OS sometimes become a
headache and need admin privileges.
On Apr 21, 2011, at 4:20PM, Steven Bellovin wrote:
> For your application or for the VPN? For the VPN, I *strongly*
> suggest you use UDP, or you're going to get dueling retransmissions
> and spend a lot of time sending many copies of the same thing. Consider:
> if a packet is dropped, either due
On Apr 21, 2011, at 4:31 32PM, Phil Regnauld wrote:
> Steven Bellovin (smb) writes:
>>
>> I should note: IPsec, being datagram-based, will also work well. PPTP,
>> which runs over TCP as far as I know, will suffer all of the ills I just
>> outlined.
>
> PPTP uses 1723/tcp for control, bu
Steven Bellovin (smb) writes:
>
> I should note: IPsec, being datagram-based, will also work well. PPTP,
> which runs over TCP as far as I know, will suffer all of the ills I just
> outlined.
PPTP uses 1723/tcp for control, but the tunneled traffic is GRE,
so that would work fine
On Apr 21, 2011, at 12:55 32PM, Ben Whorwood wrote:
> Dear all,
>
> Can anyone share any thoughts or experiences for VPN links running over slow
> Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?
>
> We are looking into utilising OpenVPN for out-of-office workers who would be
On Apr 21, 2011, at 12:11 PM, Jeroen van Aart wrote:
> valdis.kletni...@vt.edu wrote:
>> Well, 33.6k is a Bad Idea right there. :) But if you're stuck with that
>> for technical reasons, but need a VPN for security reasons, it won't
>> be all *that* much worse, unless you're doing a lot of SSH or
On 21/04/11 11:53 AM, Brandon Kim wrote:
Nothing like getting into the groove, then losing your connection, waiting for
the modem to dial back up
and then try to figure out what you were just doing!!! Again, it goes back to what I
mentioned, it "could" work
but how will that affect your overa
valdis.kletni...@vt.edu wrote:
Well, 33.6k is a Bad Idea right there. :) But if you're stuck with that
for technical reasons, but need a VPN for security reasons, it won't
be all *that* much worse, unless you're doing a lot of SSH or similar
I would think so too. When I first moved to the Stat
r 3G or 4G not available? I'm assuming that modem is being used
because broadband is not in the area
> Date: Thu, 21 Apr 2011 14:02:30 -0400
> From: ryanc...@gmail.com
> To: nanog@nanog.org
> Subject: Re: VPN over slow Internet connections
>
> On 04/21/2011 01:32
On Apr 21, 2011, at 12:55 PM, Ben Whorwood wrote:
> Dear all,
>
> Can anyone share any thoughts or experiences for VPN links running over slow
> Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?
>
> We are looking into utilising OpenVPN for out-of-office workers who would be
>
On 04/21/2011 01:32 PM, Brandon Kim wrote:
I vote for Patrick's idea of allowing the end user to remote into a machine
where the SQL resides.
This would eliminate a lot of potential issueswish I had thought of that
first!!!
I third this idea. Using screen would be a good idea as well.
Th
On Thu, Apr 21, 2011 at 1:32 PM, Gary Gladney wrote:
> If you haven't deployed your VPN environment yet I would seriously
>consider using SSL VPN instead of IPSec as your tunneling protocol.
> SSL VPN gives you a lot more options than IPSec.
Hi Gary,
Ben was looking at OpenVPN, not IPSec.. He s
2011 12:56 PM
To: nanog@nanog.org
Subject: VPN over slow Internet connections
Dear all,
Can anyone share any thoughts or experiences for VPN links running over slow
Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?
We are looking into utilising OpenVPN for out-of-office worker
I vote for Patrick's idea of allowing the end user to remote into a machine
where the SQL resides.
This would eliminate a lot of potential issueswish I had thought of that
first!!!
> Subject: RE: VPN over slow Internet connections
> Date: Thu, 21 Apr 2011 13:10:09 -0400
On Thu, Apr 21, 2011 at 12:55 PM, Ben Whorwood wrote:
> Can anyone share any thoughts or experiences for VPN links running over slow
> Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?
>
> We are looking into utilising OpenVPN for out-of-office workers who would be
> running mobil
> We are looking into utilising OpenVPN for out-of-office workers who
> would be running mobile broadband in rural areas. Typical data across
> the wire would be SQL queries for custom applications and not much else.
>
I agree with Patrick, SSH would do nicely. You could even setup a
tunnel, and
On Thu, 21 Apr 2011 17:55:32 BST, Ben Whorwood said:
>* How well would the connection handle certificate (>= 2048 bit key)
> based authentication?
It will hiccup for a moment (maybe a quarter or half second) for the data. The
certificate exchange is the least of your problems.
>* Is VP
al Message-
From: Ben Whorwood [mailto:bw...@mube.co.uk]
Sent: Thursday, April 21, 2011 12:56 PM
To: nanog@nanog.org
Subject: VPN over slow Internet connections
Dear all,
Can anyone share any thoughts or experiences for VPN links running over
slow Internet connections, typically 2kB/s - 3kB/s
Ben Whorwood (bw-ml) writes:
> Some initial thoughts include...
>
> * How well would the connection handle certificate (>= 2048 bit
> key) based authentication?
> * Is UDP or TCP better considering the speed and possibility of
> packet loss (no figures to hand)?
I'd go for a UDP tunne
ed by IPSEC.
It could work, but you may not be happy and it may not provide the desired
performance that you need
to be productive
> Date: Thu, 21 Apr 2011 17:55:32 +0100
> From: bw...@mube.co.uk
> To: nanog@nanog.org
> Subject: VPN over slow Internet connections
>
> De
Dear all,
Can anyone share any thoughts or experiences for VPN links running over
slow Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?
We are looking into utilising OpenVPN for out-of-office workers who
would be running mobile broadband in rural areas. Typical data across
23 matches
Mail list logo
