From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.ohgnetworks.com (smtp.ohgnetworks.com [204.130.133.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 6BDCD3B29E for ; Wed, 22 Jan 2025 18:30:10 -0500 (EST) Received: from smtpclient.apple (moat.castleinthewoods.onholyground.com [204.130.133.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.ohgnetworks.com (Postfix) with ESMTPSA id DB2BA1F537 for ; Wed, 22 Jan 2025 23:30:08 +0000 (UTC) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.6 at mx-out.ohgnetworks.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp.ohgnetworks.com DB2BA1F537 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=onholyground.com; s=ohg20230110; t=1737588608; bh=KULRgje3b5CrC8ihF6dpt02zQgtRiWIT2PyPg9C6fVE=; h=From:Subject:Date:References:To:In-Reply-To:From; b=KuxzHUj9Kl27I9tc7BMnkyGxxscHVZqPhuG/3bGuscPHwg3bkd+8AcVgNAzuX4KCd KnNjnaS81905hP/HMlPzmfw6zsla4bpTarPJqij9BgotlYeeu7ZzvuY6DOBMefneg5 EYgutBeY6BbhSRc/n+4+hbLCgIXmfng0X82R9urrZ4Iek69yVtdRnXtmLp0azbVjTz kenBl13oNwj/2AqjclMzD89eKHy12gqs/PSDOE8p59f44uPvj2EJpxCsvWVN0x+t85 Sw8lvErqTJlgC4F5NRkoFBuPcEjoYDBKRtXy28VMRIMlUTPygc0PGBTMFAM/BhGjHs Fi0B2sCKo8stw== From: Darrell Budic Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.300.87.4.3\)) Date: Wed, 22 Jan 2025 17:29:58 -0600 References: <269839o2-003o-1756-8r28-3on7q7nsrn54@ynat.uz> <876F3240-9935-441F-96E8-1DAD972D9606@gmail.com> To: starlink@lists.bufferbloat.net In-Reply-To: <876F3240-9935-441F-96E8-1DAD972D9606@gmail.com> Message-Id: <9406D818-99D0-40BC-BC58-4AC4F778D7EC@onholyground.com> X-Mailer: Apple Mail (2.3826.300.87.4.3) X-Spam-Status: No, hits=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=disabled version=4.0.1 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on sa1.int.ohgnetworks.com Subject: Re: [Starlink] starlink and VPN X-BeenThere: starlink@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Starlink has bufferbloat. Bad." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jan 2025 23:30:10 -0000 I=E2=80=99ve run openvpn over starlink on v4 and v6, client on starlink, = server in my DC. I have since switched to wireguard and haven=E2=80=99t = had any troubles other than having to play some server side tricks to = get wireguard to let me bring up more than one tunnel via the starlink = CGN. I used some fixed ports and aliased a couple IP addresses and used = some snat to force it to see things as different endpoints, otherwise = wireguard can=E2=80=99t distinguish the end points on the server. I = don=E2=80=99t think openvpn would have that problem. -Darrell > On Jan 22, 2025, at 5:25=E2=80=AFPM, Dino Farinacci via Starlink = wrote: >=20 > We did test this. IPv6 over LISP. Which means IPv6 EIDs used at = transport layer over IPv4 encapsulation. But we did not run over IPv6 = locators. >=20 > So what I mean is we tested: >=20 > (1) IPv4 overlay on an IPv4 satellite underlay=20 > (2) IPv6 overlay on an IPv4 satellite underlay=20 >=20 > Dino >=20 >> On Jan 22, 2025, at 2:53=E2=80=AFPM, Dave Taht = wrote: >>=20 >> How about openvpn over ipv6? >>=20 >> Or with a static ip assigned to the starlink? >>=20 >> Wireguard works for me.... >>=20 >> On Tue, Jan 21, 2025 at 3:02=E2=80=AFPM Dino Farinacci via Starlink >> wrote: >>>=20 >>> I haven't tried openvpn but I have done a bunch of testing of LISP = over Starlink. If anyone wants details I can point you to an Internet = Draft and slides that have been presented a couple of times at IETF. >>>=20 >>> Dino >>>=20 >>>> On Jan 20, 2025, at 11:25=E2=80=AFPM, David Lang via Starlink = wrote: >>>>=20 >>>> has anyone done any work with openvpn over starlink (especially if = they got the connectors to completely bypass the router)? >>>>=20 >>>> I've got the basic connectivity working, but am having problems = trying to get openvpn to work (especially for traffic back through the = cgnat to the router on the starlink side) >>>>=20 >>>> the logs on the client are reporting link local: (not bound) when = trying UDP, when I try TCP (and clamp the mtu low) I can connect from = the starlink side (st least sometimes) but cannot get the routing the = other way to work >>>>=20 >>>> David Lang >>>> _______________________________________________ >>>> Starlink mailing list >>>> Starlink@lists.bufferbloat.net >>>> https://lists.bufferbloat.net/listinfo/starlink >>>=20 >>> _______________________________________________ >>> Starlink mailing list >>> Starlink@lists.bufferbloat.net >>> https://lists.bufferbloat.net/listinfo/starlink >>=20 >>=20 >>=20 >> --=20 >> Dave T=C3=A4ht CSO, LibreQos >=20 > _______________________________________________ > Starlink mailing list > Starlink@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/starlink