On 08/06/18 17:57, Simon Deziel wrote: > On 2018-06-08 11:47 AM, David Sommerseth wrote: >> Encryption adds some latency (--cipher). Packet authentication (--auth) is >> another latency source. > > It's worth nothing that with AES-GCM, authentication is essentially > free. I think the OP mentioned using OpenVPN 2.4 so presumably GCM is > used but I'd double check.
True. >> --tls-crypt/--tls-auth is yet another latency source. > > Wasn't that just for the control channel? That is right. And I could have been clearer on that. But there are some control channel packets in between which may add, even though pretty minor, latencies on the data channel stream. But since we don't know where the limit goes in regards to how much latency is required to knock down the data channel performance, it's good to beware of this one too. And in this context, --tls-crypt will also be slightly more expensive (time wise) than --tls-auth. -- kind regards, David Sommerseth OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
