Menu
▾
▴
Re: [Openvpn-users] comp-lzo & push "comp-lzo"
|
From: Erich T. <eri...@th...> - 2010-09-16 09:41:12
|
Hi guys at 16.09.2010 10:04, Jan Just Keijser wrote: > Jason Haar wrote: >> On 09/16/2010 07:04 PM, Erich Titl wrote: >> >>> From the fine manual ... First, make sure the client-side config file >>> enables selective compression by having at least one --comp-lzo >>> directive, such as --comp-lzo no. This will turn off compression by >>> default, but allow a future directive push from the server to >>> dynamically change the on/off/adaptive setting. >>> >> >> Urgh. You may be right - but it's certainly not intuitive. It makes no >> sense that not mentioning a feature (comp-lzo) can make something crash... >> >> Either there should be a default setting for comp-lzo (I'd suggest >> "adaptive" - more people would want compression than not), or openvpn >> should error at startup if it's compiled with lzo support and there is >> no mention of it in the config? >> >> > What worries me is that a server admin reads the manual and thinks "hey > I can just add 'comp-lzo' and 'push "comp-lzo"' and it will just work, > just like adding a route - and then the client can no longer connect > until the client config has 'comp-lzo [yes|no|adaptive]' added. > The different compression and encryption options can be quite confusing. > I think a negotiation protocol would make more sense, e.g. the client > connects to the server and states The thing that puzzled me all the time... Could the compression not be a run time thing? Dynamically loading code at runtime is definitely possible in Linux, I have heard that even Windoze supports it. I doubt it would be impossible in BSC maybe in old System5 based installations. So Why not make it a default, but not loading the code at program load but whenever either a default, push or explicit setting is seen (with a reasonable fallback and some kind of negotiation. something like - <client> hi, I am an openvpn client supporting among others, compression - <server> right, unfortunately I do not, I will log your settings but let's just play without compression - <client> what a pity, but whatever you say, let me just make a note in my log - <server> whatever suits you, let's start cheers Erich |
