| 1 |
On Saturday, 3 March 2018 03:09:25 GMT Ian Zimmerman wrote: |
| 2 |
> On 2018-03-02 20:12, R0b0t1 wrote: |
| 3 |
> > I can't find it again, but there was a neat writeup investigating the |
| 4 |
> > TCP over TCP "tunnel collapse" phenomena. When two layers are doing |
| 5 |
> > the same thing, there is a tendency for both to behave poorly. I'm not |
| 6 |
> > sure any deeper explanation was or can be offered, but it is something |
| 7 |
> > that holds true not only for network traffic, but disk IO and |
| 8 |
> > databases as well. |
| 9 |
> |
| 10 |
> I think I've seen that too, and it was when I decided to install and |
| 11 |
> learn openvpn in place of the everything-over-ssh setup I had before. |
| 12 |
|
| 13 |
I think the problem you mention refers to TCP retransmission timeouts, when |
| 14 |
you stack one TCP packet within another. RFC3439 warns against TCP layering: |
| 15 |
|
| 16 |
https://tools.ietf.org/html/rfc3439#page-7 |
| 17 |
|
| 18 |
UDP encapsulation as used for e.g. VPN does not suffer with the same problem |
| 19 |
because it does not use the same transmission quality control mechanism as |
| 20 |
TCP. I have used SSH within IPSec VPN tunnels without retransmission problems |
| 21 |
(both with and without UDP encapsulation). |
| 22 |
|
| 23 |
I am not sure if block device I/O protocols suffer the same problem - I don't |
| 24 |
really know how the read/write SCSI commands are queued and processed between |
| 25 |
host and guest OS. What I have noticed is abstraction layers relating to |
| 26 |
partitioning schemes, e.g. good ol' primary Vs logical partitions, make a |
| 27 |
difference *only* when the partition is initially mounted, but not thereafter. |
| 28 |
|
| 29 |
-- |
| 30 |
Regards, |
| 31 |
Mick |
Archives