|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] ssh is a really beautiful tool...
|
| i've had a lame attempt to start to construct a poor man's vpn
| using ssh but on further reading some people find the performance
| really poor, on account of tunnelling tcp over ssh over tcp
| (some race conditions, apparently). What i think they do
| is run pppd on both sides of ssh and route the new IP's
| to that. I think. If you can successfuly pull this off
| can you post back i'll be interested to know how, thanks!
the problem is that TCP was designed to run over an un-reliable
datagram service, detect lost packets, and retransmit as needed.
when running TCP over TCP, the retransmission algorithms of the
2 TCPs "fight" each other. once a packet is dropped, the outer
TCP times out and retransmits, a short time thereafter, the inner
TCP will timeout and retransmit (needlessly). because of the way
the timers adjust themselves, TCP can easily choke on retransmissions
and stall the flow.
--jeff
see also:
http://sites.inka.de/sites/bigred/devel/tcp-tcp.html
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|