IETF-SSH archive


Re: SSH v3?



denis bider <ietf-ssh3%denisbider.com@localhost> writes:

> - On connections prone to random errors (wireless), large transfers
> are bound for disconnects at a rate of 2^-16 per error. TCP just
> corrupts the data in this case. SSH detects the corruption, but cannot
> recover from it.
> - A TCP connection can be reset by a single spoofed RST packet from
> anyone who knows the IP address and port number of one of the end
> points.

So you're basically saying that tcp sucks. That's not very ssh specific.

Maybe it would make sense with some mechanism to let ssh reconnect after
a tcp connection fails. You may also want to have a look at mptcp,
which, among other things, can let a connection survive failure of a
single tcp flow.

> - TCP prevents efficient tunneling of datagram flow over an SSH
> session: introduces unnecessary lag to maintain stream abstraction for
> applications that don't need it.

It's definitely possible to tunnel udp over tcp (with or without ssh
being involved). Whether or not that's good enough depends on the
application. What are the use cases for udp-tunneling over ssh? You also
have dtls, which might solve your problem in a better way than ssh (I'm
sorry I don't know the details of that protocol).

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
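
Added example, not part of the original message: TCP's checksum is only 16 bits wide, so some corruption passes it and reaches SSH, where the MAC check fails and the session ends, which is the behaviour the quoted text describes. The sketch assumes a simplified model (checksum over the payload only, HMAC-SHA-256 over sequence number and payload); the key, payload and helper names are constructed for illustration.

```python
import hashlib
import hmac
import struct

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum (RFC 1071), the sum TCP uses."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ssh_style_mac(key: bytes, seq: int, packet: bytes) -> bytes:
    """MAC over sequence number || packet, the input layout SSH MACs use."""
    return hmac.new(key, struct.pack("!I", seq) + packet, hashlib.sha256).digest()

def classify(sent: bytes, received: bytes, key: bytes, seq: int = 0) -> str:
    """Report which layer, if any, notices that `received` differs from `sent`."""
    if internet_checksum(received) != internet_checksum(sent):
        return "tcp-retransmit"    # segment dropped and resent; SSH never sees it
    if not hmac.compare_digest(ssh_style_mac(key, seq, received),
                               ssh_style_mac(key, seq, sent)):
        return "ssh-disconnect"    # TCP delivered bad bytes; MAC check fails
    return "delivered-intact"

# Constructed sample data, not a captured packet.
KEY = bytes(range(32))
SENT = b"SSH channel data: constructed sample payload"

def bit_flip(data: bytes) -> bytes:
    b = bytearray(data)
    b[0] ^= 0x01                   # single-bit error: changes the 16-bit sum
    return bytes(b)

def word_swap(data: bytes) -> bytes:
    return data[2:4] + data[0:2] + data[4:]   # reordered words: same sum

def compensating(data: bytes) -> bytes:
    b = bytearray(data)
    b[1] += 1                      # +1 in the first 16-bit word
    b[3] -= 1                      # -1 in the second: the sum is unchanged
    return bytes(b)

if __name__ == "__main__":
    for name, corrupt in [("bit flip", bit_flip), ("word swap", word_swap),
                          ("compensating errors", compensating)]:
        print(f"{name:20s} -> {classify(SENT, corrupt(SENT), KEY)}")
```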


