All of lore.kernel.org
 help / color / mirror / Atom feed
From: Matthias Urlichs <matthias@urlichs.de>
To: Gianluca Gabrielli <tuxmealux@protonmail.com>
Cc: "wireguard@lists.zx2c4.com" <wireguard@lists.zx2c4.com>
Subject: Re: TCP Wireguard with socat
Date: Mon, 12 Mar 2018 19:47:35 +0100	[thread overview]
Message-ID: <5e7ded44-d128-ed3a-c9e2-0b0480b4d89f@urlichs.de> (raw)
In-Reply-To: <XPP6R4g8xCtXsMbJljJf5ScBfx_FobBsPY66Hr7AO3venYsjyGhk0fdjtDnczcQUsMn18vZgB-CLkFCO54Ny-0LnWogx_T48_MdNsNiFd-o=@protonmail.com>

On 12.03.2018 15:37, Gianluca Gabrielli wrote:
> BTW on this thread (https://superuser.com/questions/53103/udp-traffic-through-ssh-tunnel) they show how to perform UDP over TCP tunnel.

Yeah, and in the comments people explain why this is a bad idea.

Look, this is fairly easy to understand. TCP is a byte stream. It does
not know about packets; if you read from it you get N of the bytes the
other side has written, no matter in what chunks. TUN/TAP on the other
hand is a packet interface. It doesn't understand partial or aggregated
packets – it wants exactly one complete packet per write() call.

It's like pouring multiple cups of water at a time through a funnel. If
you pour slowly enough, each distinct chunk of water arrives at the
other end so that you can distinguish the original amounts, but if you
pour too fast or if there's an obstruction in the flow the distinction
gets lost and you lose packets (or, worse, the receiver sees additional
gibberish at their end).

Just use ssf. It's a tool that's built to do the job right. socat is
not, and it will not.

-- 
-- Matthias Urlichs

  parent reply	other threads:[~2018-03-12 18:38 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-09 16:41 TCP Wireguard with socat Gianluca Gabrielli
2018-03-09 21:45 ` Matthias Urlichs
2018-03-12  9:15   ` Gianluca Gabrielli
2018-03-12 11:30     ` Matthias Urlichs
2018-03-12 14:37       ` Gianluca Gabrielli
2018-03-12 15:14         ` Gianluca Gabrielli
2018-03-12 15:44           ` Tim Sedlmeyer
2018-03-12 16:45             ` Gianluca Gabrielli
2018-03-12 17:05             ` Matthias Urlichs
2018-03-12 18:47         ` Matthias Urlichs [this message]
2018-03-13  9:19           ` Gianluca Gabrielli
2018-03-13 13:43             ` Matthias Urlichs

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5e7ded44-d128-ed3a-c9e2-0b0480b4d89f@urlichs.de \
    --to=matthias@urlichs.de \
    --cc=tuxmealux@protonmail.com \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.