Under what circumstances is TCP-over-TCP performing significantly worse than TCP alone (2014)?

Solution 1:

I think it's actually more debated than you make it appear. There is an admittedly old, related Linux FAQ: http://www.tldp.org/HOWTO/VPN-HOWTO/

I've used PPP-over-ssh-over-ADSL for more than 12 years, and it never failed me, so from my experience I'd dare say that the doomsayers probably greatly exaggerate. TCP over TCP is probably a bad idea with RTC connections, satellite links and other links with either very low throughput or very long delays, but for most uses it just works.

Now the real question is: why would you use TCP over TCP at all? When I set up my PPP-over-ssh, it was largely because back then it was by far the easiest way to build a quick VPN; I've used it ever since out of sheer laziness.

Nowadays there are practical, easy-to-set-up tools like OpenVPN and IPsec VPNs, so you shouldn't ever need to bother with this TCP-over-TCP problem.