Hi, On Tue, Sep 09, 2025 at 02:59:47PM -0400, Dan Langille wrote: > DCO seems to speed things up a little bit.
DCO speeds up things significantly while at the same time reducing
CPU load. Whether it is a "must have" depends on overall VPN
requirements... for a "I need this to securely reach low-bandwidth
things at home" profile it's not needed ;-)
> I would prefer to run as non-root, that's often a goal for me.
As of today, we haven't looked deeply into whether this is possible
on FreeBSD, and if yes, how so. OpenVPN needs to do privileged system
calls to tell the kernel "hey, new peer, use these keys" (etc).
On Linux, there is CAP_NET_ADMIN which can grant this sort of access to
non-root processes. On FreeBSD, I don't know (yet).
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
