SoftEther VPN User Forum

Hello,

I am using SoftEther Client Version 4.04 on Ubuntu 10.04.4 LTS (x86/32 Bit). It works fine. Thank you, dnobori, for this great software!

After connecting to vg1868122484.opengw.net via SSL-VPN and starting tcpdump on my virtual interface I see a lot of traffic not related to my computer, but to approx. 100 foreign stations. In a quick look I identified:

- ARP requests and answers
- DHCP request and leases
- TCP/IP packets TO stations on the HUB
- and more (but no TCP/IP FROM stations on the HUB)

This traffic is useless. It is wasting bandwidth and violates privacy. May be it is a security risk.

To improve your software I suggest: Replace the soft HUBs in your server by soft SWITCHes.

just wondering what SWITCH you are talking about, L2/L3 or something else?

> To improve your software I suggest: Replace the soft HUBs in your server by
> soft SWITCHes.

A Virtual Hub is already a L2 Ethernet switch.

dnobori wrote:
> A Virtual Hub is already a L2 Ethernet switch.

To my understanding: No!

Both hardware HUBs and SWITCHes operate on L2, but difference is:

- A hardware HUB on a network sends traffic from a port to all other of its ports. So does your software according my observation. That is bad.
- A hardware SWITCH is a HUB that filters packets by ethernet address and sends received unicast packets from a port only to that port which has the correct destination ethernet address attached. So your software should do, I suggest.

kbi,

Did you have "Privacy Filter Mode" enabled on your User's - Security Policy when you ran your test?.