* Add a simple username/password back-end
* Add path MTU discovery
* Keep the TLS key and certificates into the privileged process and use IPC
  for operations (this will make the privileged process a bottleneck).
* Handle multiple clients in a single tun device (check if needed at all)
* Add UDP port range