Hi,
On 06/06/18 15:00, Gert Doering wrote:
> For Data mode ("tun -> openvpn -> network -> openvpn -> tun"), we do
> error checking. As in "if the packet does not pass authentication,
> complain and drop it". (We *might* do a sequence number check to drop
> out of order packets
I think we only d
Hi,
On Tue, Jun 05, 2018 at 08:05:40PM -0500, Derek Zimmer wrote:
> The openvpn protocol does error checking and recovery on the data channel,
> right?
There's "control packets" and "data packets" in "the openvpn protocol".
For Control, we do all of it - windowing, pacing, re-sending, ... - but
Gert,
The openvpn protocol does error checking and recovery on the data channel,
right? How is that handled? Or am I mistaken and it is all handled through
the regular TCP protocol that is operating inside of the VPN tunnel.
Derek Zimmer
Chief Executive Officer
Open Source Technology Improvement
Hi,
On Tue, Jun 05, 2018 at 10:23:29AM -0500, Derek Zimmer wrote:
> OpenVPN in UDP mode is still operating a TCP windowing layer
> somewhere, right?
Not for data packets - they get sent off as they come in from the
tun file descriptor and vice versa. No pacing (unless configured),
no windowi
JJK, this is actually quite helpful data, as I saw similar results when
doing my internal testing. The falloff rate seems to increase as the
latency increases, suggesting a fixed window or at least one that isn't
scaling properly as latency increases, which causes unusually fast
performance drops w
Following up on myself
On 05/06/18 14:25, Jan Just Keijser wrote:
On 01/06/18 02:50, Derek Zimmer wrote:
I'm still working on this, as I think it is worthwhile for us to
explore and get some hard data on how all of these things perform in
a real world environment.
I've been stalled by t
Hi,
On 01/06/18 02:50, Derek Zimmer wrote:
I'm still working on this, as I think it is worthwhile for us to
explore and get some hard data on how all of these things perform in a
real world environment.
I've been stalled by transitioning to a new job.
>Same here. I guess this interacts with
I'm still working on this, as I think it is worthwhile for us to explore
and get some hard data on how all of these things perform in a real world
environment.
I've been stalled by transitioning to a new job.
>Same here. I guess this interacts with other properties, like the delay
>OpenVPN itself
I found this site to have some useful information about iperf.x:
https://fasterdata.es.net/performance-testing/network-troubleshooting-tools/throughput-tool-comparision/
--
Check out the vibrant tech community on one of t
Hi,
On 04-05-18 17:45, Jan Just Keijser wrote:
> On 04/05/18 16:41, Derek Zimmer wrote:
>> What conclusions can we draw from this?
>>
> My main conclusion has always been that OpenVPN is limited by the number
> of user-to-kernel space transitions , not by anything else.
Same here. I guess this in
Hi Derek,
On 04/05/18 18:02, Derek Zimmer wrote:
Based on the feedback we've gotten so far. I think we need to get some
hard data on the latency scaling to confirm my earlier observations.
how do you simulate latency? or do you actually have high latency machines?
try playing with
--sndbuf
Based on the feedback we've gotten so far. I think we need to get some hard
data on the latency scaling to confirm my earlier observations.
It is interesting that AES-NI appears to dramatically improve performance,
as none of the x86 CPUs mentioned in the gigabit optimization guide should
be anywh
Hi,
see some comments inline
On 04/05/18 16:41, Derek Zimmer wrote:
Hello everyone,
Derek from OSTIF here. I've been working with OpenVPN for a few years and there's a few curious performance anomalies that
i've ran into that add up to a possible performance opportunity. My experience lies cl
> My network experience points to something going awry with windowing with
> TCP, but UDP does not apply any sort of windowing (no ACKs = no
> windowing) but the OpenVPN protocol itself does have an ACK system,
> which suggests that OpenVPN may apply its own windowing.
OpenVPN has a data channel
Hello everyone,
Derek from OSTIF here. I've been working with OpenVPN for a few years and
there's a few curious performance anomalies that i've ran into that add up
to a possible performance opportunity. My experience lies closer to
networking protocols and cryptography rather than programming, so
15 matches
Mail list logo