docs: manual: Remove wrong TCP-over-TCP info; minor copy editing #106

Closed


@mfwitten mfwitten commented May 13, 2018

This commit is intended to apply cleanly as a fast‑forward merge. The reason for this is that a future pull request will merge this commit's changes into branch-netatalk-3-1, so as to record the nature of the development and to avoid the duplication of cherry-picking.

Of course, if this is not possible, that future pull request can be re-configured.


The main reason for this commit is to remove this text:

> Tunneling TCP over TCP (as SSH does) is not the best idea. There exist better solutions like VPNs based on the IP layer.

It's true that TCP-over-TCP is a bad idea, because it can lead to TCP "meltdown"; however, it is not true that tunneling via SSH implies TCP‑over‑TCP. Indeed, because a VPN is a much more general solution to tunneling, it is likely to perform worse than SSH for the simple case of connecting to a single, specific AFP Server.

Consider the following port forwarding (using OpenSSH):

  ssh -N -L localhost:1234:localhost:548 example.com

When an AFP Client communicates with an AFP Server through this tunnel, the data they exchange is encapsulated in TCP and decapsulated from TCP such that TCP is never encapsulated by TCP; that is, TCP‑over‑TCP never occurs (view the following diagram with a monospace font and with at least 93 columns of text):

                   localhost:1234           example.com:22           localhost:548
                         |                        |                        |
                         |                        |                        |
                         V   encrypt(AFP)--+      V                        V
                                           |
+--------------+         +--------------+  V      +--------------+         +--------------+
|          AFP | AFP/TCP |     AFP      | ???/TCP |     AFP      | AFP/TCP | AFP          |
|   data <=====o=========o==============o=========o==============o=========o=====> data   |
|              |         |              |         |              |         |              |
|  AFP Client  |         |  SSH Client  |         |  SSH Server  |         |  AFP Server  |
+--------------+         +--------------+         +--------------+         +--------------+

Anyway, while I was in the source rummaging around, I took the opportunity to perform some copy editing, including a few mild additions and clarifications.
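
The forwarding path in the diagram above, as an added example that is not part of this pull request or of netatalk: two user-space relays stand in for the SSH client and SSH server, each terminating one TCP connection and opening a separate one, so only the application byte stream crosses the middle hop and no TCP segment is ever carried inside another. The XOR transform is a placeholder for SSH's encryption, the upper-casing echo server stands in for an AFP server, and all function names and the payload are constructed for illustration.

```python
import socket
import threading

def serve(handler):
    """Accept one connection on an ephemeral loopback port; return the port."""
    srv = socket.create_server(("127.0.0.1", 0))
    def run():
        conn, _ = srv.accept()
        with srv, conn:
            handler(conn)
    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()[1]

def pump(src, dst, transform, log=None):
    """Copy the byte stream src -> dst. recv() yields payload only: the kernel
    has already stripped TCP headers and done ACKs/retransmits for this hop."""
    while data := src.recv(4096):
        out = transform(data)
        if log is not None:
            log.append(out)
        dst.sendall(out)
    dst.shutdown(socket.SHUT_WR)  # propagate end-of-stream to the next hop

def relay(upstream_port, outbound, inbound, log=None):
    """Terminate one TCP connection and open a separate one upstream."""
    def handler(conn):
        with socket.create_connection(("127.0.0.1", upstream_port)) as up:
            back = threading.Thread(target=pump, args=(up, conn, inbound))
            back.start()
            pump(conn, up, outbound, log)
            back.join()
    return serve(handler)

def xor(data):  # placeholder for SSH encryption, NOT real cryptography
    return bytes(b ^ 0x5A for b in data)

def demo(payload=b"constructed AFP request"):
    wire = []  # what the "SSH client" writes onto the middle connection
    afp = serve(lambda c: pump(c, c, bytes.upper))   # stand-in AFP server
    sshd = relay(afp, outbound=xor, inbound=xor)     # stand-in SSH server
    ssh = relay(sshd, outbound=xor, inbound=xor, log=wire)  # stand-in SSH client
    with socket.create_connection(("127.0.0.1", ssh)) as client:
        client.sendall(payload)
        client.shutdown(socket.SHUT_WR)
        reply = b"".join(iter(lambda: client.recv(4096), b""))
    return reply, b"".join(wire)

if __name__ == "__main__":
    print(demo())
```

Each of the three connections has its own independent TCP state, so loss on one hop is retransmitted by that hop alone, which is why the stacked-retransmission "meltdown" of true TCP-over-TCP does not arise here.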

@slowfranklin

Pushed to master. Thanks!
