> On Jul 3, 2020, at 9:46 PM, Daniel Jakots <danj@chown.me> wrote:
>
> On Fri, 3 Jul 2020 20:25:12 -0400, Brian Brombacher
> <brian@planetunix.net> wrote:
>
>> My subjective net gain is simplicity, security, performance, and
>> flexibility.
>
> I don't think adding ipsec (or a mesh vpn) into the mix achieve that but
> ymmv.
>
Subjective is right :)
He has two hosts. IPsec from one to the other. Pre-negotiated encrypted channel.
MTU 1400 or so...
Four round-trip TCP packets to get the request on the backend... if the HTTP request is smaller than say 1300 bytes, to be really safe.
How is that slower?
-Brian
No comments:
Post a Comment