by eeZi 3846 days ago
sshuttle's performance is actually pretty good for what it does. You can even run it with PyPy. It's not going to be a bottleneck with a recent CPU and <1Gbit.

The way it does it is that it actually proxies the TCP connections instead of encapsulating them.

  Client <-A-> sshuttle client <-B-> sshuttle server <-C-> Server
By doing this, it sidesteps the issues you have with TCP in TCP encapsulation, especially with poor connections (the outer and the inner sessions would do their own flow control and interact badly). But this also means that it can only tunnel TCP connections. There's a fork at https://github.com/sshuttle/sshuttle which supposedly extends support to UDP, but I haven't tested it and it's only UDP, so ICMP and lots of other protocols are still unsupported. It also NATs all connections, relies on black magic™ for tunneling instead of using a tun/tap IF, uploads code to the server and requires shell access.

Those are a few reasons why it's really only a workaround or a remote access tool, not a replacement for a real, UDP-based VPN. Still invaluable for those use cases.
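
The proxying model described in the comment above, as an added example that is not part of the original comment and is not sshuttle's code: a relay terminates the client's TCP session (A) and opens a separate session (C) to the server, so the server sees the relay's source address, which is the NAT effect the comment mentions. It assumes everything runs on loopback in one process, leaves out the ssh hop (B), and handles a single request/response; all function names are hypothetical.

```python
import socket
import threading

def listen():
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
    s.listen(1)
    return s

def serve_once(listener, handler):
    # Accept a single connection in a background thread and hand it over.
    def run():
        conn, _ = listener.accept()
        with conn:
            handler(conn)
    threading.Thread(target=run, daemon=True).start()

def report_peer(conn):
    # Stand-in "Server": replies with the source address it sees on session C.
    conn.recv(1024)
    conn.sendall(("%s:%d" % conn.getpeername()).encode())

def make_relay(target, info):
    def relay(conn):
        # Session A ends here; a new, independent session C is opened and
        # only payload bytes cross over (one request/response for brevity).
        with socket.create_connection(target) as upstream:
            info["relay_source"] = "%s:%d" % upstream.getsockname()
            upstream.sendall(conn.recv(1024))
            conn.sendall(upstream.recv(1024))
    return relay

def demo():
    info = {}
    server, proxy = listen(), listen()
    serve_once(server, report_peer)
    serve_once(proxy, make_relay(server.getsockname(), info))
    with socket.create_connection(proxy.getsockname()) as client:
        info["client_source"] = "%s:%d" % client.getsockname()
        client.sendall(b"hello")  # constructed sample payload
        info["seen_by_server"] = client.recv(1024).decode()
    server.close()
    proxy.close()
    return info

if __name__ == "__main__":
    print(demo())
```

For server-side logging and access control this means the recorded peer is the relay host, not the originating client.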