> On Jul 3, 2020, at 9:46 PM, Daniel Jakots <d...@chown.me> wrote: > > On Fri, 3 Jul 2020 20:25:12 -0400, Brian Brombacher > <br...@planetunix.net> wrote: > >> My subjective net gain is simplicity, security, performance, and >> flexibility. > > I don't think adding ipsec (or a mesh vpn) into the mix achieve that but > ymmv. >
Subjective is right :) He has two hosts. IPsec from one to the other. Pre-negotiated encrypted channel. MTU 1400 or so... Four round-trip TCP packets to get the request on the backend... if the HTTP request is smaller than say 1300 bytes, to be really safe. How is that slower? -Brian
