VPN over slow Internet connections
Darden, Patrick S.
darden at armc.org
Thu Apr 21 12:10:09 CDT 2011
There's not that much overhead--your certs should be ok. TCP for SQL would just make sense. I personally wouldn't want to do what you are contemplating. Here's some stuff to think about:
1. your modems will not be able to do compression. You can't easily compress random data (e.g. encrypted).
2. you won't get 33.6 unless your phone lines are pristine. You better plan on 28.8--if you are lucky.
3. I would hone my SQL sharply so it produces the smallest most relevant data sets possible.
4. you might want to give them some kind of termnial/shell access for doing their SQL remotely, instead of from home. Telnet or SSH. If you used SSH you could obviate using a separate VPN, you could use -C for compression, and you could do your SQL on the server side (or the on-site side)--all in all a speedier alternative.
From: Ben Whorwood [mailto:bw-ml at mube.co.uk]
Sent: Thursday, April 21, 2011 12:56 PM
To: nanog at nanog.org
Subject: VPN over slow Internet connections
Can anyone share any thoughts or experiences for VPN links running over
slow Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?
We are looking into utilising OpenVPN for out-of-office workers who
would be running mobile broadband in rural areas. Typical data across
the wire would be SQL queries for custom applications and not much else.
Some initial thoughts include...
* How well would the connection handle certificate (>= 2048 bit key)
* Is UDP or TCP better considering the speed and possibility of
packet loss (no figures to hand)?
* Is VPN over this type of connection simply a bad idea?
Many thanks in advance.
More information about the NANOG