Hey, Tinc developers!

I'm not sure if anyone else has brought this up, but we've got a rather good reason for using TCP, even though UDP will actually form a working connection. Anyone on Comcast's "small business" service is forced to use an SMC cable modem/router. Its NAT implementation is capable of letting tinc's UDP tunnels work fine, but they limit a single UDP stream to 1mbps. I've confirmed with some techies at Comcast that this is by design. The only workaround for us to get a fast tunnel is to switch to TCP.

I'm totally happy with the option being not recommended for most users, but I'd like to ask that it not be completely removed in future versions.

Thanks!

-- Kevin

On Wed, Feb 24, 2010 at 04:49:51PM -0600, Kevin Day wrote:

> I'm not sure if anyone else has brought this up, but we've got a rather good
> reason for using TCP, even though UDP will actually form a working
> connection. Anyone on Comcast's "small business" service is forced to use an
> SMC cable modem/router. Its NAT implementation is capable of letting tinc's
> UDP tunnels work fine, but they limit a single UDP stream to 1mbps. I've
> confirmed with some techies at Comcast that this is by design. The only
> workaround for us to get a fast tunnel is to switch to TCP.
>
> I'm totally happy with the option being not recommended for most users, but
> I'd like to ask that it not be completely removed in future versions.

Thanks for telling us about this issue. The TCPOnly option will not go away.

-- 
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>

On 24.02.2010 23:49, Kevin Day wrote:

> Anyone on Comcast's "small business" service is forced to use an SMC
> cable modem/router. Its NAT implementation is capable of letting
> tinc's UDP tunnels work fine, but they limit a single UDP stream to
> 1mbps.

Oh great - I'm sure you are very happy with your ISP, then?

The same is actually true for a German cable network ISP: Kabel Deutschland. They massively throttle UDP connections (depending on time of day, transfer volume and possibly other criteria, like port numbers). This makes running any kind of VPN with this ISP quite a pain. Therefore, I tend to recommend _not_ using their so-called "services", whenever possible.

-- 
Best regards,
Jörg Weske