37 | | A similar kernel module has also been developed for Windows, namely ''ovpn-dco-win''. |
38 | | It is a device driver implemented in kernelspace that substitutes all previous drivers used by OpenVPN (i.e. |
| 41 | A kernel module has also been developed for Windows, namely ''ovpn-dco-win''. |
| 42 | It is a device driver implemented in kernelspace that substitutes all previous drivers used by OpenVPN (i.e. tap-windows6, wintun, etc..). Differently from the other drivers, ovpn-dco-win uses the Windows Kernel API to also implement crypto operations, thus allowing to process data packets entirely in kernelspace, similarly to ovpn-dco for Linux. |
| 43 | The main limitation of ovpn-dco-win is that it only supports client/p2p mode, while server mode is not available. This decision was made due to the fact that there is less and less demand for running OpenVPN server on Windows. |
| 44 | |
| 45 | The ovpn-dco-win source code is currently available at the following repository: https://github.com/OpenVPN/ovpn-dco-win |
| 46 | |
| 47 | === Expected limitations |
| 48 | Not all functionalities available in OpenVPN have been implemented in ovpn-dco(-win). The reasons for this decision are mainly: |
| 49 | 1. avoid unneeded complexity in a critical component like a kernel module; |
| 50 | 1. take the chance to give a clear cut with legacy features that OpenVPN has carried around for a while. |
| 51 | |
| 52 | In particular, this is a list (mayb not be complete) of features that are **not** available when using ovpn-dco: |
| 53 | * ciphers other than AES-GCM and CHACHA20-POLY1305 (the latter is not yet available in ovpn-dco-win); |
| 54 | * compression or compression framing; |
| 55 | * fragmentation; |
| 56 | * TAP/Ethernet mode; |
| 57 | * topologies other than ''subnet''; |
| 58 | * no traffic shaping or any other sort of data packets manipulation (system tools should be used when available). |
| 59 | |
| 60 | === Some experiments |
| 61 | |
| 62 | ... |