Date: Mon, 25 Sep 2000 11:13:36 +0200 From: Bart_van_Leeuwen@doosys.com To: Mipam <mipam@ibb.net> Cc: Ali Alaoui El Hassani <961BE653994@stud.alakhawayn.ma>, Dag-Erling Smorgrav <des@ofug.org>, freebsd-security@FreeBSD.ORG, James Wyatt <jwyatt@rwsystems.net>, "Vladimir Mencl, MK, susSED" <mencl@nenya.ms.mff.cuni.cz>, owner-freebsd-security@FreeBSD.ORG, Peter Pentchev <roam@orbitel.bg>, CrazZzy Slash <slash@krsu.edu.kg> Subject: Re: Encryption over IP Message-ID: <OF8214255F.66A34409-ONC1256965.00326171@intra.doosys.com>
next in thread | raw e-mail | index | archive | help
TCP over TCP has a few known problems, and the article you point at desribes one of those. Your claim about your connection however has little to do with it. Speed of the connection is of little importance, the packet loss you encounter however is of major importance. A T1 with 10% packet loss will not work well at all, 64kbit with 0% packet loss will work reasonably well. Bottem line, a dedicated tunneling protocol that does not use tcp as a transport layer is a very good idea. Bart van Leeuwen. mailto:Bart_van_Leeuwen@doosys.com http://www.doosys.com/ mailto:bart@ixori.demon.nl http://www.ixori.demon.nl/ Mipam <mipam@ibb.net> Sent by: To: James Wyatt <jwyatt@rwsystems.net> owner-freebsd-security@F cc: Dag-Erling Smorgrav <des@ofug.org>, "Vladimir Mencl, MK, reeBSD.ORG susSED" <mencl@nenya.ms.mff.cuni.cz>, Ali Alaoui El Hassani <961BE653994@stud.alakhawayn.ma>, CrazZzy Slash <slash@krsu.edu.kg>, freebsd-security@FreeBSD.ORG, Peter Pentchev <roam@orbitel.bg> 25-09-2000 07:44 Subject: Re: Encryption over IP > Could you be a bit more specific? I can see where the extra overhead isn't > always pretty, but I can't see where it *hurts* things other than network > throughput. Actually the throughput doesn't suffer all *that* much, if you > measure it and you have medium packets. For short, telnet-class packets > the overhead is more noticable than FTP, NNTP, SMTP, HTTP, etc... - Jy@ Okay, here is a nice article concerning tcp over tcp: http://sites.inka.de/sites/bigred/devel/tcp-tcp.html In here more details are worked out. I know many ppl deffer in this, however, my own experiences with tcp over tcp werent that good at all and i am working from a T1 connection, so i cant say that my connection is that slow. Anyway, my own experiences, together with this article why tcp over tcp can cause problems lead to my opinion that tcp over tcp isnt such a good idea. I was happy that i wasnt the only one who experienced problems with this. Plz read the above article, then consider again conerning tcp over tcp. Some ppl even claim that tcp over tcp, so that tcp has a reliable carrier, is a good idea in fact.... If they could bring in some arguments why, i could consider them. Bye, Mipam. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?OF8214255F.66A34409-ONC1256965.00326171>