SSH over UDP

Publicerad

Typ

Examensarbete för masterexamen
Master Thesis

Program

Modellbyggare

Tidskriftstitel

ISSN

Volymtitel

Utgivare

Sammanfattning

The SSH protocol provides many invaluable network features over encrypted channels. In version 4.3 of the OpenSSH implementation, VPN functionality is also supported, where actual IP packets from other applications are captured and tunneled via OpenSSH to the remote location. OpenSSH is using TCP consistently for all its network connections and thus for its VPN feature. This causes the VPN feature to tunnel one TCP connection within another TCP connection. Many sources say that TCP in TCP tunneling, under realistic conditions, can give rise to conflicts between the two TCP implementations and that TCP in TCP should be avoided. Many SSH and SSL VPN solutions use this functionality anyway and it seems to work. To see whether a UDP based solution would perform better than a TCP based solution on links experiencing packet loss, we have modified the OpenSSH implementation by adding support for a UDP base connection to its VPN functionality. The modification was tested and compared to the original implementation using a test network, in which packet loss was emulated. The performance of the implementations is compared in terms of bandwidth for different rates of packet loss. We have shown that a UDP based solution performs slightly better than a TCP based solution. The most gain in performance, from using a UDP base connection, was detected when ACKs belonging to the tunneled connection where lost.

Beskrivning

Ämne/nyckelord

Systemteknik, Systems engineering

Citation

Arkitekt (konstruktör)

Geografisk plats

Byggnad (typ)

Byggår

Modelltyp

Skala

Teknik / material

Index

item.page.endorsement

item.page.review

item.page.supplemented

item.page.referenced