On 02/08/17 13:41, Abi Askushi wrote: > Hi All, > > I am considering to setup OpenVPN without encryption and packet > authorization, as a way to lower the VPN overhead, by using the > following directives: > > cipher none > auth none > > Apart from having the tunneled traffic on the clear, since now it will > not be encrypted, what other implications are there for going like this? > > My main concern for this setup is not the encryption, but low overhead. > > FYI, when testing standard VPN setup, with AES-128-CBC cipher and auth > enabled, + lzo compression, I was receiving 14 - 18% VPN overhead on top > the total udp traffic observed on WAN. When disabling encryption and > auth, I received 6% overhead. > > Thanx in advance for your feedback.
Configuring OpenVPN without encryption is a peculiar use case I've seldom quite understood, except if you're doing some research on various crypto or network related scenarios. For production need, there are far better solutions. It's almost like having an Aston Martin DB9 and not wanting to turn on the engine because you want to let it roll downhill on the road by itself. Probably a fun experience, but is it useful? To me, it sounds more like you just need an IPIP tunnel. Something which shouldn't be too hard to achieve with iproute2, which would then give the least overhead. -- kind regards, David Sommerseth
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
