Site Navigation

Date:      Tue, 18 Jun 2002 08:15:58 -0700
From:      Lars Eggert <larse@ISI.EDU>
To:        Christophe Prevotaux <c.prevotaux@hexanet.fr>
Cc:        net@freebsd.org
Subject:   Re: IPIP (kind of) with Payload Encryption only
Message-ID:  <3D0F4EAE.5090207@isi.edu>
References:  <20020618153956.2a9352fa.c.prevotaux@hexanet.fr>	<200206181352.g5IDqqnq047326@whizzo.transsys.com>	<3D0F4AFA.3000908@isi.edu> <20020618170639.3754910d.c.prevotaux@hexanet.fr>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]
Christophe Prevotaux wrote:
> I can use AH/ESP however since I am using a satellite link
> thru a modem/hub(NOC) that fiddles around with packets in order
> to optimize them , I can't encrypt the headers otherwise the 
> optimizer can't see inside the packets and therefore can't see the
> headers , so no optimization is done ,and I end up with a 33,6Kbps
> like speed for the VPN , which is useless (at best 56Kbps).

You could try (transport mode) IPsec over a UDP tunnel, if your 
middlebox mucks with the L4 headers. Then again, your middlebox probably 
only "optimizes" TCP - have you benmarked TCP vs. UDP performance over 
the link? (If so, you'll need to use a TCP tunnel.)

Lars
-- 
Lars Eggert <larse@isi.edu>           USC Information Sciences Institute

[-- Attachment #2 --]
0�	*�H��

��0�

10	+0�	*�H��


���0��0��
�G0
	*�H��


0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300
010824164000Z
020824164000Z0T10
UEggert1
0U*Lars10ULars Eggert10	*�H��

	

larse@isi.edu0��0
	*�H��



��0���������|\Pw��� �v����~��~�F
�Do�o�ӦA��\-��	� ���Cˀ�4�.��)&��{�肋���,z�(ܷر��߈��T7�_'t�xGH^tt/ҹB8��%�t<#�ֲN�

�V0T0*+e

!0
00
L2uMyffBNUbNJJcdZ2s0U0�
larse@isi.edu0U

�00
	*�H��


����a�JP���M�Ւ�]cѭC+��kS��+wZ�1���gY"�,Y���T�41�
�j����6:~�℩��D���������~�Kؚ‡�l���=�u(Վ��M?cF��7@����}��T��0��0��
�G0
	*�H��


0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300
010824164000Z
020824164000Z0T10
UEggert1
0U*Lars10ULars Eggert10	*�H��

	

larse@isi.edu0��0
	*�H��



��0���������|\Pw��� �v����~��~�F
�Do�o�ӦA��\-��	� ���Cˀ�4�.��)&��{�肋���,z�(ܷر��߈��T7�_'t�xGH^tt/ҹB8��%�t<#�ֲN�

�V0T0*+e

!0
00
L2uMyffBNUbNJJcdZ2s0U0�
larse@isi.edu0U

�00
	*�H��


����a�JP���M�Ւ�]cѭC+��kS��+wZ�1���gY"�,Y���T�41�
�j����6:~�℩��D���������~�Kؚ‡�l���=�u(Վ��M?cF��7@����}��T��0�80���
fEr��t��cvE��.�
0
	*�H��


0��10	UZA10UWestern Cape10U	Cape Town10U
Thawte Consulting1(0&UCertification Services Division1$0"UThawte Personal Freemail CA1+0)	*�H��

	
personal-freemail@thawte.com0
000830000000Z
040827235959Z0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300��0
	*�H��



��0�����32�c�	%E>�nx'g��ڈ���D)�c5*mp<�ܮ��to0�3��4q��m���O�e�
�K���a����U�5��u�'��r���װ�����|CBPQ��<�9��T������If-	��k�i

�N0L0)U"0 �010UPrivateLabel1-2970U

�0

�
0U
0
	*�H��


��1�KG]�
q��Sl]y�=��&b�"��"��I�'{9����$����
*8�PU�l�
�L����G�l�X�1B	l�i�+�@]j�y��.%݊���
��Z��<�D�&i�H�����bb��1��0��

0��0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.30�G0	+��
a0	*�H��

	1	*�H��


0	*�H��

	1
020618151558Z0#	*�H��

	1��=@l�YG,hg_d��80R	*�H��

	1E0C0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0��*�H��

	1�����0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.30�G0
	*�H��



��r�iI1p?�oz\U
�sbK��Wo g���D�5��mQ����_T��yx-�l��e�U|�'�i� O�OG�*�wBi�V

�;��B�b�"<k���/���/�P
C�d��Bپ���K z

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D0F4EAE.5090207>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact