Firewall Wizards mailing list archives

Re: VPN over Wireless (Was Re: "802.1x"?)


From: Erick Mechler <emechler () techometer net>
Date: Mon, 23 Dec 2002 14:02:22 -0800

:: > [ppp over ssh]
:: 
:: I'd think that something IPsecish would be a better choice for
:: this task, but I digress ... :)

Even with our limited userbase, I didn't want to get into having to
maintain pre-shared secrets with all of my users.  I also wanted to have
support for as many clients as possible, and while I've seen reports of all
the OSes I mentioned working with FreeBSD IPSec, I'd describe the
experiences as "painful" at best.  But I digress :)

:: > There was some latency involved with tunnelling PPP over ssh, but 
:: > it was still acceptable for our user base.
:: 
:: Just a helpful hint: turning off the Nagle delay algorithm in the
:: SSH client as well as in the SSH server can do wonders for latency
:: problems involved with tunneling things over SSH.

... and Kevin Steves <stevesk () pobox com> responded:

:: While there may be some Nagle issues lingering, we do disable Nagle
:: for the port forwarding endpoints.  This change was committed to
:: current over 9 months ago and was in the 3.4 release.

Is tunneling PPP over SSH considered a port forward, though?  If it's not,
how would one go about disabling the Nagle algorithm in the ssh client?  I
don't see anything to that effect in the man pages.  Or, do I have to do
that at compile time...

Cheers - Erick
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

