Tunnels & UDP

S

Silver-0-surfer

Well-Known Member
Joined
Jan 5, 2008
Messages
317
Hi

I am in the process of setting up a radius server to do authentication for my wireless users.

RADIUS uses UDP, and the problem I am having is that on occation UDP packets sent from my NAS does not reach the server, the joys of UDP. So I was wondering, if I set up a pptp tunnel from my NAS to the server and shunt all the UDP RADIUS packets accross it, is there a better chance of my packets arriving or won't it make any difference?
 
S

syntax

Executive Member
Joined
May 16, 2008
Messages
8,656
Silver-0-surfer said:
Hi

I am in the process of setting up a radius server to do authentication for my wireless users.

RADIUS uses UDP, and the problem I am having is that on occation UDP packets sent from my NAS does not reach the server, the joys of UDP. So I was wondering, if I set up a pptp tunnel from my NAS to the server and shunt all the UDP RADIUS packets accross it, is there a better chance of my packets arriving or won't it make any difference?
Click to expand...

Not much, i suppose you can monitor the tunnel then to make sure its up, but the delivery process will still be best effort..
 
S

syntax

Executive Member
Joined
May 16, 2008
Messages
8,656
Mybb is double posting and i cant delete this one for some reason...sorry
 
Last edited:
D

daffy

Expert Member
Joined
Jun 24, 2004
Messages
1,134
PPTP will use GRE to transport your packets, but they'll still be UDPish in nature. (very vague, I know. Its just too early for me to come up with a better explanation)

This won't really help you if you're worried about reliability.

I'd suggest prioritising RADIUS traffic (if you have end to end control of the network)
 
S

syntax

Executive Member
Joined
May 16, 2008
Messages
8,656
daffy said:
PPTP will use GRE to transport your packets, but they'll still be UDPish in nature. (very vague, I know. Its just too early for me to come up with a better explanation)

This won't really help you if you're worried about reliability.

I'd suggest prioritising RADIUS traffic (if you have end to end control of the network)
Click to expand...

IE best effort/connectionless....
 
D

daffy

Expert Member
Joined
Jun 24, 2004
Messages
1,134
Just fix your network ;)
Packet loss is bad. Even 1% is bad.
I've had customers demand credit for 0.2% packet loss (and they got credit too)
 
S

Silver-0-surfer

Well-Known Member
Joined
Jan 5, 2008
Messages
317
it not really that easy, these packets are crossing the internet (ADSL) which I have little control of.
Short of getting a leased line at all locations, my hands are tied. :crying:
 
D

daffy

Expert Member
Joined
Jun 24, 2004
Messages
1,134
You could try establishing an OpenVPN link (TCP) between your AP and Core.
At least its TCP, so the packets will be reliably transmitted.
 
D

daffy

Expert Member
Joined
Jun 24, 2004
Messages
1,134
Yeah, because all the traffic will be encapsulated within a TCP connection.
 
You must log in or register to reply here.
Top