|
|
Leo Vetterli <leo.vetterli@xxxxxxxxxxx> said: > Does anybody know if openvpn supports UDP Tunneling? I mean that the UDP > Protocol on a Sub-LAN is tunneled with Openvpn to the LAN? Absolutely. People commonly tunnel NFS or VoIP over OpenVPN. Since OpenVPN fully supports UDP as the tunnel carrier, when you are tunneling a UDP application stream, you get the clean encapsulation semantics of UDP over UDP. The one gotcha to keep in mind is that when OpenVPN encrypts and encapsulates a UDP packet, some security-related overhead is added to the packet size. The result is that the MTU is somewhat less than it would be over a direct connection with no VPN involved. This can create a performance bottleneck or even lock up the connection if IP fragmentation is disabled by routers in the path. OpenVPN has a workaround for this: the --fragment option which does fragmentation internally. This is really a last-resort for intractable fragmentation problems since it exacts a performance penalty. Note that the --mssfix option does not work in this case -- it's designed to work only with TCP streams which are tunneled over OpenVPN. The best solution is to lower the UDP MTU used by the application which is being tunneled to a level just below the fragmentation threshold. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |