Re: [Openvpn-users] Re: [Openvpn-devel] TINC and OpenVPN tunnel performance on a Windows client

["James Yonan" <jim@xxxxxxxxx>]

AthlonRob <AthlonRob@xxxxxxxx> said:

> On Thu, 2003-11-06 at 15:35, Erik Anderson wrote:
> > Can one bridge TUN devices as easily as TAP devices?
> 
> I don't believe you can bridge TUN devices at all, as a bridge is
> supposed to look at ethernet frames and not the protocols themselves.
> 
> TUN is, as far as I understand, a TCP/IP only kind of thing.  You don't
> run broadcasts or other protocols over it.
> 
> TAP tunnels the ethernet frames themselves, so theoretically it is as
> powerful as if you had an ethernet card with a cable going to the other
> system... and you can do everything with it.
> 
> My understanding is that since all we're really concerned with is IP
> type stuff, TUN is a bit faster and more consistent because that's all
> it deals with.  TAP drivers, since they deal with so much more, are
> going to have a little bit more overhead in their connections and
> therefore run just a wee bit slower.
> 
> As far as I'm concerned, TAP's ability to be added to a bridge makes it
> the best option for me.  I'd much rather use TAP and bridge myself in
> than use the TUN driver and have to worry about odd routing tables and
> the like.

Whether to use TUN (routing) or TAP (bridging) is mostly a tradeoff between
performance and ease of configuration.

For example, a lot of people use TAP because it gives you windows/samba file
sharing with minimal effort.  On the other hand, if you invest the effort to
configure samba to work without broadcasts, you can use TUN and improve the
performance and scalability of the VPN.

If you use software that _requires_ broadcasts to work correctly then you must
use TAP.

James


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users