[139850] in North American Network Operators' Group
RE: VPN over slow Internet connections
daemon@ATHENA.MIT.EDU (Brandon Kim)
Thu Apr 21 13:06:44 2011
From: Brandon Kim <brandon.kim@brandontek.com>
To: <bw-ml@mube.co.uk>, nanog group <nanog@nanog.org>
Date: Thu, 21 Apr 2011 13:06:36 -0400
In-Reply-To: <4DB06184.30508@mube.co.uk>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
If I had to guestimate=2C the performance would be horrible considering the=
VPN overhead in itself.
You can't choose UDP or TCP=2C that is all based on the applications being =
used within the tunnel.
So the apps will decide what protocols they will need to use=2C which will =
then be encapsulated by IPSEC.
It could work=2C but you may not be happy and it may not provide the desire=
d performance that you need
to be productive....
> Date: Thu=2C 21 Apr 2011 17:55:32 +0100
> From: bw-ml@mube.co.uk
> To: nanog@nanog.org
> Subject: VPN over slow Internet connections
>=20
> Dear all=2C
>=20
> Can anyone share any thoughts or experiences for VPN links running over=20
> slow Internet connections=2C typically 2kB/s - 3kB/s (think 33.6k modem)?
>=20
> We are looking into utilising OpenVPN for out-of-office workers who=20
> would be running mobile broadband in rural areas. Typical data across=20
> the wire would be SQL queries for custom applications and not much else.
>=20
> Some initial thoughts include...
>=20
> * How well would the connection handle certificate (>=3D 2048 bit key)=
=20
> based authentication?
> * Is UDP or TCP better considering the speed and possibility of=20
> packet loss (no figures to hand)?
> * Is VPN over this type of connection simply a bad idea?
>=20
> Many thanks in advance.
>=20
> Kind regards=2C
> Ben Whorwood
>=20
=
