[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Privoxy usage?

On 8/18/07, Juliusz Chroboczek <Juliusz.Chroboczek@xxxxxxxxxxxxxx> wrote:
> ...
> Ahem... if your VPN software is using TCP rather than UDP or raw IP,
> then I strongly recommend that you choose a different VPN vendor.

that's not good advice.  tcp to 443 and other uses in general are
quite acceptable.  (ok, i do favor AH/ESP or UDP, but TCP is still
quite usable and useful)

> Which means that until Roger, Nick and their basementful of slaves
> implement a datagram transport for tor, it will not be possible to run
> a well-designed VPN over tor.

i've used openvpn tcp over tor.  it works just as you expect other
application layer protocols over tcp to work.  what's your grudge
against tcp over tcp?

> [... out of order reply ...]
> TCP over TCP has some problems, the least/biggest of which is the
> timeout factor.
> If there is a communication problem, TCP has a "back off and resend"
> rule.

with Tor your tcp endpoint is terminating quite close, in this case on
the same host stack or one host over.  you don't lose or timeout
packets over a single hop (unless you've got a blaster infected client
on your LAN :)

please back up these arguments with some kind of facts, since you're
misunderstanding the usual nature of TCP applications using Tor here.

the performance hit for TCP over TCP in Tor land is the latency and
bandwidth associated with onion routing, not nested TCP transport.

best regards,