Which one is better?
One port is probably better if I want to circumvent ISP/government censorship?
Many governments block many VPN protocols.
Which one is better?
One port is probably better if I want to circumvent ISP/government censorship?
Many governments block many VPN protocols.
Better is subjective. It can definitely help "the human operator" to use one port as it reduces configuration problems where the human uses the wrong port. It's perhaps slightly better to have fewer ports from a firewall perspective too I suppose?
Neither of those are particularly compelling to me. What IS compelling to me in favor of one port is that it allows using the two most common ports: 80, 443. Lots of corporations will block many/all outbound ports, but often leave 80/443 open because "that's the internet". So, if you want to install a router and a controller on ONE node, you'll have two options:
So, either controller or router can listen on one port on its own? I need something like HAProxy to listen on one port for both controller and router?
If I don't have to worry about censorship, are multiple ports faster?
neither is faster than the other. if anything, i'd think going through another hop (the proxy) would be ever so minutely 'slower', but in practice, I'm quite certain it won't matter with respect to how fast either solution is.
Yes, if you want a single port and want to run a router and a controller, you'll need HAProxy/NGinx/etc, something that can make a decision as to where to route traffic based on SNI