<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: CIPE Compared To PPP + SSH
From: ewheeler,AT,kaico,DOT,com
Date: Wed, 23 Jan 2002 01:33:11 +0100
In-reply-to: <BF967F2D50B0D511952A00B0D0208C3721E987@owa.dfa>

I think it can be argued that cipe's security vs. ssh is at about the
samelevel The real issue of PPP under SSH is the packet timeouts which
stack up due to TCP tunneled under TCP.  Olaf gives a really good
explanation of the problem here:
http://sites.inka.de/~bigred/devel/tcp-tcp.html

I would like to voice my personal experience of tcp-tcp:
  It works very well and fast due to ssh's compresion at first, but only
for the first hour or so.  After an hour of having the ppp link up, tcp
timeouts begin to stack up and ping times within the tunnel increase to
over 1000ms (yes, 1 second).  We were doing ODBC connections over the CIPE
tunnel which require a high response time to work at any decent rate.  The
client was very unsatisfied so we moved to a CIPE based connection.  You
loose the compression advantage, but you gain very high stability.  

--Eric

On Tue, 22 Jan 2002, Keith Hasely wrote:

> 
> All,
> 
> I am looking into setting up a VPN, from what I have read CIPE seams to be
> more of an enterprise strength VPN, compared to PPP + SSH.  From what I
> understand the advantage CIPE has over PPP + SSH is that there are known
> problems with PPP.  Can any one tell me why CIPE is more secure than PPP, or
> point me to a place where there is a comparison between creating a VPN using
> CIPE and PPP.
> 
> Kind Regards,
> Keith
> 
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: 
><URL:http://sites.inka.de/~bigred/devel/cipe.html>
> 

-- 

Eric Wheeler
Network Administrator
KAICO
20417 SW 70th Ave.
Tualatin, OR 97062
www.kaico.com
Voice: 503.692.5268





<< | Thread Index | >> ]    [ << | Date Index | >> ]