
openvpn 2.6.0 released

The new openvpn 2.6.0 has some very nice and shiny features you might want to start using soon. This post highlights some of them.

Daniel Nachtrub

Within the last few days the 2.6.0 version of openvpn has been released - and it has some very nice features I'll highlight in this post.

Data Channel Offload (DCO)

The biggest one is data channel offload which, based on a newer data framing, can run the data channel of openvpn in the kernel, so data packets are processed there. This means less or even no more context switching for data packets! While it will still take a while for this to be adopted in the field, it's (in my opinion) a very big deal, as we can improve throughput by far using DCO.

Besides the reduction of context switches, DCO also has the ability to use multi-threading (related to the ciphers used) - this again speeds up processing of data.

So, if you have throughput- or latency-sensitive workloads, make sure to check out DCO!

On Windows, make sure to enable DCO when running the installer:

I've written shortly about this in the past here:

openvpn data channel offload
openvpn is working on offloading the data channel to kernel space. This is improving throughput by an order of magnitude according to tests.

Faster connection setup

Starting with wintun, you have already been blessed with incredibly fast connection setup. openvpn 2.6 takes this even further with improved negotiation for even faster connection setup.

openvpn 2.5 - using wintun
Starting with release 2.5 openvpn added support for wintun interfaces. To enable utilization of wintun interfaces, you need to make some adjustments.

Windows pre-logon access provider

Have you ever needed VPN connectivity during the logon phase on Windows? openvpn GUI finally has a pre-logon access provider that integrates with Windows and lets you connect to the VPN prior to Windows logon - this will come in handy at your next password expiration or initial logon, unless you're maybe already using some nice auto-logon VPN with the openvpn service.

Make sure to check the feature when going through the setup:

The auto-logon VPN is very nice if you combine it with TPM-based certificates:

Create a TPM backed certificate request (on windows)
Certificates are everywhere - sometimes you want to keep them even more secure than just on the filesystem (or operating system store). This guide shows how to create TPM backed certificates on windows.

And much more

Besides these three features, openvpn has received a lot of work. Check out the full changes here: https://github.com/OpenVPN/openvpn/blob/v2.6.0/Changes.rst


Daniel Nachtrub

Kind of likes computers. Linux foundation certified: LFCS / CKA / CKAD / CKS. Microsoft certified: Cybersecurity Architect Expert & Azure Solutions Architect Expert.