It's nice to see OpenSSH following in the footsteps of OpenVPN. They are using the TUN interface and the OpenSSL library, just like OpenVPN starting doing three years ago. I think this is a cool addition and will be fun to play with, but if you are thinking of using it to build a serious VPN, there are a lot better, more mature VPN products out there that have robust feature sets built on top of this kind of tunneling, like OpenVPN.
Oh, and OpenVPN runs TCP-over-UDP, unless you really want TCP-over-TCP, in which case it can do that too.
>>You just can not run TCP over TCP. It just doesnt work.
Actually this is not true. TCP over TCP is a problem when you have packet delay and the back off times on the redundant layers cause a meltdown and stop your connection. When congestion is at a reasonable level, this will not happen. So TCP over TCP works fairly well if you don't have a near capacity link.
Slashdot Mirror
It's nice to see OpenSSH following in the footsteps of OpenVPN. They are using the TUN interface and the OpenSSL library, just like OpenVPN starting doing three years ago. I think this is a cool addition and will be fun to play with, but if you are thinking of using it to build a serious VPN, there are a lot better, more mature VPN products out there that have robust feature sets built on top of this kind of tunneling, like OpenVPN. Oh, and OpenVPN runs TCP-over-UDP, unless you really want TCP-over-TCP, in which case it can do that too.
>>You just can not run TCP over TCP. It just doesnt work. Actually this is not true. TCP over TCP is a problem when you have packet delay and the back off times on the redundant layers cause a meltdown and stop your connection. When congestion is at a reasonable level, this will not happen. So TCP over TCP works fairly well if you don't have a near capacity link.