Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
When running ssh over an OpenVPN network does it make sense to compress both?
The OpenVPN network carries several types of traffic, not just ssh, so presumably its best to have OpenVPN configured for compression in case the upper level packets are not compressed.
ssh packets' payloads are encrypted so are random so cannot be compressed. Presumably ssh compresses raw data and so reduces the amount of encrypted data to be transmitted. The same reasoning would apply to any encrypted data.
If my understanding is correct, it would follow that both OpenVPN and ssh should be set to compress to minimise the size of what is sent over the wire.
Interesting! I would agree with you.
OpenVPN trying to recompress the ssh-packets would be an overhead as you stated, but maybe the compression performed by ssh would give overall more benefits than the overhead.
But as usual, there are a lot of variables involved: maybe when OpenVPN tries to re-compress the ssh-traffic the ssh-packets grow in size a lot (similar to zipping a zip-file), or the HW of your source/target server (used to compress/uncompress the traffic) is just too slow compared to the bandwidth you have, or the type of traffic handled by your ssh is not ideal (e.g. from what I saw now ssh does not achieve the same compression ratio for both single chars and strings), or the network you use has a high latency, etc... .
So, probably the only way to be sure about it would be to test a real-world scenario... .
A test may be the best way to find out. ssh can be set to compress data using -C, but even the man page warns that on fast networks that may actually slow things down.
I had hoped that a Gedankenexperiment would be enough and a practical test could be avoided!
If I find time to test I will update this thread. Meanwhile I will compress both because our end-to-end OpenVPN network is not fast and increasing the size of small packets (say a single character typed during an interactive ssh logon) would not be a problem.
Addendum:
btw, no clue about openvpn (never used it), but at least with ssh if you're using (especially on the side which performs the compression) a recent intel cpu, then you can tell ssh to use one of the algorithms that use the hw-acceleration of your cpu. Did some tests a few months ago and my transfer rate doubled (if i can remember correctly).
will check during the next days what was the exact option i used (as usual I thought "I'll write it down", but of course I didn't).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.