nanog mailing list archives
Re: VPN over slow Internet connections
From: Valdis.Kletnieks () vt edu
Date: Thu, 21 Apr 2011 13:17:05 -0400
On Thu, 21 Apr 2011 17:55:32 BST, Ben Whorwood said:
* How well would the connection handle certificate (>= 2048 bit key) based authentication?
It will hiccup for a moment (maybe a quarter or half second) for the data. The certificate exchange is the least of your problems.
* Is VPN over this type of connection simply a bad idea?
Well, 33.6k is a Bad Idea right there. :) But if you're stuck with that for technical reasons, but need a VPN for security reasons, it won't be all *that* much worse, unless you're doing a lot of SSH or similar short-packet single-keystroke traffic, where the VPN overhead will start being a bit painful. Shouldn't be too hard to model the traffic involved to see if it's too painful - FreeBSD has dummynet IIRC.
Attachment:
_bin
Description:
Current thread:
- VPN over slow Internet connections Ben Whorwood (Apr 21)
- RE: VPN over slow Internet connections Brandon Kim (Apr 21)
- Re: VPN over slow Internet connections Phil Regnauld (Apr 21)
- RE: VPN over slow Internet connections Darden, Patrick S. (Apr 21)
- Re: VPN over slow Internet connections Fred Richards (Apr 21)
- RE: VPN over slow Internet connections Brandon Kim (Apr 21)
- Re: VPN over slow Internet connections Matt Ryanczak (Apr 21)
- RE: VPN over slow Internet connections Brandon Kim (Apr 21)
- Re: VPN over slow Internet connections JC Dill (Apr 21)
- Re: VPN over slow Internet connections Jeroen van Aart (Apr 21)
- Re: VPN over slow Internet connections Wil Schultz (Apr 21)
- Re: VPN over slow Internet connections William Herrin (Apr 21)
- Re: VPN over slow Internet connections Phil Regnauld (Apr 21)
- Re: VPN over slow Internet connections Steven Bellovin (Apr 21)
- RE: VPN over slow Internet connections Terry Baranski (Apr 21)