Date: Sun, 24 Sep 2000 14:46:20 -0600 (MDT) From: "David G. Andersen" <dga@pobox.com> To: mipam@ibb.net Cc: des@ofug.org (Dag-Erling Smorgrav), mencl@nenya.ms.mff.cuni.cz (Vladimir Mencl MK susSED), 961BE653994@stud.alakhawayn.ma (Ali Alaoui El Hassani), slash@krsu.edu.kg (CrazZzy Slash), freebsd-security@FreeBSD.ORG, roam@orbitel.bg (Peter Pentchev) Subject: Re: Encryption over IP Message-ID: <200009242046.OAA21437@faith.cs.utah.edu> In-Reply-To: <20000924223816.F590@ibb0021.ibb.uu.nl> from "Mipam" at Sep 24, 2000 10:38:16 PM
next in thread | previous in thread | raw e-mail | index | archive | help
Lo and behold, Mipam once said:
>
> > Your throughput goes down the drain, but it works fine and it's easy
> > to set up. And remember, sweeping generalizations are always wrong.
> >
>
> Not really.
> Tcp always assumes an unreliable carrier, which isnt the case in tcp over tcp.
> This can cause problems in some situations.
And is needed in some situations, such as going through a tcp nat proxy.
... like the one I have to traverse to access the world from my cable
modem connection. Sure, you could try to tunnel it over some UDP-based
protocol the NAT box thinks it understands, but when said nat box is a
windoze 98 box running "internet connection sharing," the easiest way to
make life work well is over TCP.
Yes, running TCP over a reliable connection is often bad. Yes, it's
also often the best solution.
-Dave
>
> Mipam.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009242046.OAA21437>