[asterisk-users] QoS & VPN
Dave Platt
dplatt at radagast.org
Fri May 8 12:46:39 CDT 2009
> I would think that VoIP over VPN is a bad idea as UDP packets need to be
> in realtime not corrected by the TCP of the VPN.
That depends very much on the VPN in use.
OpenVPN doesn't suffer from this problem. Although it's SSL-based
(and one might think it does everything through SSL-over-TCP),
it actually sends the VPN traffic via UDP... it uses TCP only
for the negotiation and administrative aspects of setting up
the VPN connection.
As far as I know, OpenVPN makes no attempt at all to re-order
the packets that it encapsulates and transmits. It simply
accepts the IP packets it is to carry, encrypts them individually,
wraps them in UDP, and retransmits them to its peer. The peer
receives the UDP, decrypts, and forwards. No re-ordering.
There may be other VPNs which actually carry all of the
VPN'ed data in a single TCP stream... but I think this is
generally agreed to be a Bad Idea for several reasons.
I run SIP over OpenVPN between my Nokia N810 handheld, and
my Asterisk server at home. I have not noticed any difference
in call quality between SIP-over-OpenVPN, and non-VPN'ed
SIP, between these two endpoints... except, of course, when
the OpenVPN-encapsulated traffic gets through, and non-VPN'ed
traffic doesn't due to firewall or NATing problems at a
particular wireless network access point.
More information about the asterisk-users
mailing list