Is there any provision in the sstp standard to allow for tunneling over udp? Or, is there some other solution for fixing the instability caused by tunneling tcp over tcp?
With instability you mean current client doesn't provide you a stable VPN connection, or are you referring to the TCP over an TCP/IP tunnel? In case of the latter, the SSTP specification only specifies IP over an SSL tunnel using TCP/IP and was really mean to be a option for folks where L2TP/PPTP was no longer an option (e.g. your VPN connection is being blocked by a router).
I'm not actually having a problem with this, it's more of a theoretical question. I've read a couple of articles about instability while tunneling tcp over tcp. Here's one that explains it clearly:
Since this was written some time ago, I thought that a solution may have been found, or that the problem wasn't actually that serious to begin with. However, if this is a problem, then tunneling http, smb, etc. over sstp is impacted. I just wondered what your thoughts were on this.
Thank you Peter,
I actually did know of this, and it is really a fundamental problem in how the TCP protocol is designed. There is no current solution to it as far as I know.
The sstp-client was intended to permit Linux and Mac users the ability to access a Windows network when PPTP and L2TP protocols falls short. If you are concerned with performance, other protocols like IPSEC far much better.
Log in to post a comment.