TCP or UDP?



  • I haven't been able to find any good info on whether or not I should be using TCP or UDP for my OpenVPN server.  Does OpenVPN have error checking/ reliability protocols built in to negate the deficiencies of UDP?



  • OpenVPN "tunnels".
    You transmit over OpenVPN whatever you want. That can be AppleTalk, UDP, TCP, NetBIOS, etc.

    If you use TCP for OpenVPN that might create a Problem:
    http://sites.inka.de/~W1011/devel/tcp-tcp.html

    So if you can use UDP.
    There might be some cases where you HAVE to use TCP.
    Like when your OpenVPN connection is over a proxy.



  • @naughtyusmaximus:

    I haven't been able to find any good info on whether or not I should be using TCP or UDP for my OpenVPN server.  Does OpenVPN have error checking/ reliability protocols built in to negate the deficiencies of UDP?

    Well, the man page says:

    OpenVPN is designed to operate optimally over UDP, but TCP capability is provided for situations where UDP cannot be used. In comparison with UDP, TCP will usually be somewhat less efficient and less robust when used over unreliable or congested networks.

    And the HowTo says:

    While OpenVPN allows either the TCP or UDP protocol to be used as the VPN carrier connection, the UDP protocol will provide better protection against DoS attacks and port scanning than TCP



  • Right

    Thank you for that info Gruens, that is exactly the question I was meaning to ask.


Locked