Date: Sun, 24 Sep 2000 14:46:20 -0600 (MDT) From: "David G. Andersen" <dga@pobox.com> To: mipam@ibb.net Cc: des@ofug.org (Dag-Erling Smorgrav), mencl@nenya.ms.mff.cuni.cz (Vladimir Mencl MK susSED), 961BE653994@stud.alakhawayn.ma (Ali Alaoui El Hassani), slash@krsu.edu.kg (CrazZzy Slash), freebsd-security@FreeBSD.ORG, roam@orbitel.bg (Peter Pentchev) Subject: Re: Encryption over IP Message-ID: <200009242046.OAA21437@faith.cs.utah.edu> In-Reply-To: <20000924223816.F590@ibb0021.ibb.uu.nl> from "Mipam" at Sep 24, 2000 10:38:16 PM
next in thread | previous in thread | raw e-mail | index | archive | help
Lo and behold, Mipam once said: > > > Your throughput goes down the drain, but it works fine and it's easy > > to set up. And remember, sweeping generalizations are always wrong. > > > > Not really. > Tcp always assumes an unreliable carrier, which isnt the case in tcp over tcp. > This can cause problems in some situations. And is needed in some situations, such as going through a tcp nat proxy. ... like the one I have to traverse to access the world from my cable modem connection. Sure, you could try to tunnel it over some UDP-based protocol the NAT box thinks it understands, but when said nat box is a windoze 98 box running "internet connection sharing," the easiest way to make life work well is over TCP. Yes, running TCP over a reliable connection is often bad. Yes, it's also often the best solution. -Dave > > Mipam. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- work: dga@lcs.mit.edu me: dga@pobox.com MIT Laboratory for Computer Science http://www.angio.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009242046.OAA21437>