nate writes: > also, depending on your needs, a full VPN may be overkill. Many remote > server to server communications are usually about a specific service or > services. In the case of a TCP service, e.g. mysql traffic, or LDAP > traffic, I use stunnel to link machines. This is a simple point to > point tunnel over SSL.
A problem that can arise when using stunnel for long-term tunnels is that a single bad packet causes OpenSSL to return an error and stunnel to drop the connection. We had a case where a stunnel tunnel across a noisy link would not stay up more than a few minutes under load. Switching to CIPE and later OpenVPN gave robust tunnels over the same network path. That said, I have a user who has been using a stunnel/PPP tunnel for almost two years, and his tunnel stays up for weeks at a time. -- Dick St.Peters, [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
