There's not that much overhead--your certs should be ok.  TCP for SQL would 
just make sense.  I personally wouldn't want to do what you are contemplating.  
Here's some stuff to think about:

1.  your modems will not be able to do compression.  You can't easily compress 
random data (e.g. encrypted).
2.  you won't get 33.6 unless your phone lines are pristine.  You better plan 
on 28.8--if you are lucky.
3.  I would hone my SQL sharply so it produces the smallest most relevant data 
sets possible.

4.  you might want to give them some kind of termnial/shell access for doing 
their SQL remotely, instead of from home.  Telnet or SSH.  If you used SSH you 
could obviate using a separate VPN, you could use -C for compression, and you 
could do your SQL on the server side (or the on-site side)--all in all a 
speedier alternative.

--Patrick Darden


-----Original Message-----
From: Ben Whorwood [mailto:bw...@mube.co.uk]
Sent: Thursday, April 21, 2011 12:56 PM
To: nanog@nanog.org
Subject: VPN over slow Internet connections


Dear all,

Can anyone share any thoughts or experiences for VPN links running over 
slow Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?

We are looking into utilising OpenVPN for out-of-office workers who 
would be running mobile broadband in rural areas. Typical data across 
the wire would be SQL queries for custom applications and not much else.

Some initial thoughts include...

   * How well would the connection handle certificate (>= 2048 bit key) 
based authentication?
   * Is UDP or TCP better considering the speed and possibility of 
packet loss (no figures to hand)?
   * Is VPN over this type of connection simply a bad idea?

Many thanks in advance.

Kind regards,
Ben Whorwood


Reply via email to