Hi! I have a question about the overall overhead of OpenVPN. I'm using AES-128-CBC with lzo compression. OpenVPN says these numbers during the init phase:
EF:58 - i think this is the actual overhead, without the tunnel. Is it right? EB:23 - this is an extra buffer for lzo?(can i reduce this somehow, without turning lzo off???) ET:0 EL:0 I found a picture about this on the internet, which is something like this: ---------------------------------------------------------------------------- -------------------------------------------------------------------- |eth 14b|IP 20b|UDP 8b||OpenVPN hdr ?b|Encrypted data(IP 20b,UDP8b,payload xx b)|OpenVPN tlr| ---------------------------------------------------------------------------- -------------------------------------------------------------------- This shows nothing about HMAC, i think, that the actual packet looks like this: ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- - |IP 20b|UDP 8b| original packet IP+TCP 52 bytes | HMAC 20 b | IV ? B | seq number 8b |encrypred DATA | ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- - Here the actual overhead is 20+8+20+?+8 bytes. (IV 2 bytes?) Is this correct? If not, can you explain me these 58 bytes reported by OpenVPN? Thanks in advance: Viktor Schlaffer
