On 09/06/2015 09:37 AM, Xen wrote:
However I think the TCP issues are exaggerated here because one of these links (or even two) happen between two single hosts and I think it all works out well.
There is normally only one flow control on a TCP connection, as it works end to end. With a TCP tunnel or VPN you add a 2nd. UDP has the same characteristics as Ethernet, that is best effort, no guarantees.
I do experience a lot of downtime in my internet connection. I cannot really pinpoint it to either the router, the VPN server, or the local wifi hotspot. Sometimes my internet will be down but I can SSH into the VPN server no issue. Sometimes when I close my VPN my internet is full back right again. I get the maximum download speed that my VPN can achieve though, which is a result of my ISPs upstream limit.
I was more worried about the double encryption. Not that it really mattered (thus far) but the encryption takes about 20% of my VPN server's CPU time (which is a small unit). If I turn VPN encryption off, it goes down to about 25% or 20% for a full-bandwidth data stream.
Other than a waste of CPU, I don't know that multiple encryption is a problem. On the other hand, it might be providing more work for the NSA. ;-) As I mentioned earlier, I no longer use OpenVPN. I now have IPv6, so all my computers have a public address and I use encrypted protocols such as SSH and IMAPS to access my network. So, my firewall is configured to pass only those.
It's unfortunate that KDE 4 from 13.2 doesn't support no-encryption with its network-manager-applet, but a workaround was not hard to reach.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org