VPN over slow Internet connections
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Thu Apr 21 17:17:05 UTC 2011
On Thu, 21 Apr 2011 17:55:32 BST, Ben Whorwood said:
> * How well would the connection handle certificate (>= 2048 bit key)
> based authentication?
It will hiccup for a moment (maybe a quarter or half second) for the data. The
certificate exchange is the least of your problems.
> * Is VPN over this type of connection simply a bad idea?
Well, 33.6k is a Bad Idea right there. :) But if you're stuck with that
for technical reasons, but need a VPN for security reasons, it won't
be all *that* much worse, unless you're doing a lot of SSH or similar
short-packet single-keystroke traffic, where the VPN overhead will
start being a bit painful. Shouldn't be too hard to model the traffic
involved to see if it's too painful - FreeBSD has dummynet IIRC.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110421/b30fc44c/attachment.sig>
More information about the NANOG
mailing list