[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] ssl vpn packet structure


  • Subject: Re: [Openvpn-users] ssl vpn packet structure
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Thu, 20 Jan 2005 10:12:13 +0100 (CET)

On Thu, 20 Jan 2005, Jordi Meya wrote:

Hi list!
I want to use OpenVPN for a Lab, and I'd like to know which is the overhead that the SSL-VPN layer represents (I want to analyse the impact on the network performance when using VPN's). I have been scrolling though the RFC2246 and "googleing" but I can't find this information. Could any of you point me to a good resource?

Google this list archive :-)

In this post James wrote:

http://article.gmane.org/gmane.network.openvpn.user/6583/match=protocol+overhead

It varies depending on options.  With a TUN-style tunnel over UDP using
the default TLS options, the per-packet overhead is:

41 bytes security layer overhead (includes packet tag (1), HMAC-SHA1
signature (20), initialization vector (16), sequence number (4))

28 bytes tunneling overhead (includes IP + UDP header)

Total: 69 bytes per packet

If your data stream is compressible, you can potentially gain back all of this overhead.


If you're interested in the details of the protocol, have a look at the comments in ssl.h in the openvpn source.


-- _____________________________________________________________ Mathias Sundman (^) ASCII Ribbon Campaign OpenVPN GUI for Windows X NO HTML/RTF in e-mail http://www.nilings.se/openvpn / \ NO Word docs in e-mail

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users