[nzlug] VPN/Tunnel software
Daniel Pittman
daniel at rimspace.net
Mon Oct 2 13:43:18 NZDT 2006
Jim Cheetham <jim at gonzul.net> writes:
> On Mon, Oct 02, 2006 at 12:50:24PM +1300, Matt Brown wrote:
>> Simon Lyall wrote:
[...]
> OpenVPN highly recommended. Seriously; go for it.
>>
>> I don't think it does traffic shaping.
>
> No, but you can use your existing kernel shaping tools to manage the
> tun interface directly, without OpenVPN being aware of you. It's the
> only way to shape different traffic types anyway, before they get
> crypted. Unfortunately that means you can't shape the tunnel itself
> in any way, only the input/output of it.
Sure you can: simply stick a rule for the appropriate packets (port
1194, UDP and TCP, by IANA default) on your output to and input from the
Internet.
Then you can specifically shape the VPN tunnel traffic itself, as well
as what goes in, any way you want.
Regards,
Daniel
--
Digital Infrastructure Solutions -- making IT simple, stable and secure
Phone: 0401 155 707 email: contact at digital-infrastructure.com.au
http://digital-infrastructure.com.au/
More information about the NZLUG
mailing list