Firewall Wizards mailing list archives
Re: VPN over Wireless (Was Re: "802.1x"?)
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Sat, 21 Dec 2002 13:48:56 +0100
Erick Mechler wrote:
[ppp over ssh]
I'd think that something IPsecish would be a better choice for this task, but I digress ... :)
There was some latency involved with tunnelling PPP over ssh, but it was still acceptable for our user base.
Just a helpful hint: turning off the nagle delay algorithm in the SSH client as well as in the SSH server can do wonders for latency problems involved with tunneling things over SSH. Doing nagle delay on top of TCP sessions that already do nagle delay themselves involves quite a bit of "second-guessing", which results in unwanted delays that you experience as "lag bursts" for interactive things. (No, the nagle delay algo itself doesn't cause this, but the interactions with delayed ACK schemes and other TCP optimizations do cause "interesting" effects on e.g. terminal sessions that echo characters that you type.) -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- "802.1x"? Mikael Olsson (Dec 14)
- <Possible follow-ups>
- Re: "802.1x"? CTA (Dec 15)
- RE: "802.1x"? Dawes, Rogan (ZA - Johannesburg) (Dec 17)
- Re: "802.1x"? Gary Flynn (Dec 17)
- Re: "802.1x"? R. DuFresne (Dec 19)
- VPN over Wireless (Was Re: "802.1x"?) Lorens Kockum (Dec 20)
- Re: VPN over Wireless (Was Re: "802.1x"?) Erick Mechler (Dec 20)
- Re: VPN over Wireless (Was Re: "802.1x"?) Mikael Olsson (Dec 21)
- Re: VPN over Wireless (Was Re: "802.1x"?) Kevin Steves (Dec 22)
- Re: VPN over Wireless (Was Re: "802.1x"?) Erick Mechler (Dec 23)
- Re: "802.1x"? Gary Flynn (Dec 17)