Don't get me wrong: I love OpenVPN. It has been my go-to VPN setup since I was working with the MySQL folks in 2005 where EVERYONE was connected to a bridged (tap) OpenVPN hub in Finland. That said, the TCP tunnels (both tap and tun) "suffer" from the same sort of reliable transport layer. All packets sent through an OpenVPN tunnel are guaranteed to arrive at their destination or the tunnel will collapse before they get there. And the tunnel rarely ever collapses. This is one of the great things about OpenVPN. It is also what makes it such a terrible choice for real-time streaming media traffic. SSH? Yes! HTTP? Yes! SIP? Yup! RTP? No way. Sometimes, you need to be able to drop packets in order to ensure real-time delivery.
http://ipseclab.eit.lth.se/tiki-index.php?page=6.+OpenVPN
I could be wrong here. I would be happy if it turned out I was. But I think you'll find that although OpenVPN is a wonderful piece of software, it is not well suited to the transmission of VoIP or other real-time streaming media traffic.
73,
C.J.
On Wed, 2013-04-17 at 21:28 +0300, Marius Petrescu wrote:
(Please trim inclusions from previous messages) _______________________________________________ When you take in account OpenVPN and the problems related to UDP in VoIp communications, take in account that there are also OpenVPN tunnels over TCP, which maintain the proper packet order and don't have the mentioned problem. BTW, lesser cost mikrotik devices support OpenVPN/TCP server and client endpoints (but not UDP).
Marius, YO2LOJ
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html