Three times as much is absolute worst case. In reality, it's more like twice as much for just his incoming traffic.
Uh, how do you figure? Each inbound packet comes into the tunnel-host site, out of the tunnel-host site, and into the DSL host site. Each outbound packet takes the reverse path. Three times as much bandwidth.
-Bill
Each inbound packet goes from its source to the tunnel-host, then from the tunnel-host to its destination. That's two transits instead of one. If the tunnel-host is very close to the destination, the added leg will tend to be less than the first leg, so even a doubling may be an overestimate. As for outbound packets, why do they need to take the reverse path? There's no reason the tunnel can't be unidirectional. Even if the ISP is stupid and filters its customers' legitimate traffic, forcing them to encapsulate the outbound packets, the same argument still applies. Obviously, you have to choose a tunnel-host wisely. Ideally, you would pick one that meets your DSL provider very closely. In any event, the argument that VPNs "waste Internet bandwidth" rings pretty hollow. People buy Internet access to have Internet bandwidth to use for whatever applications they have. Heck, I would argue that USENET is the biggest waste of Internet bandwidth there is. That doesn't mean it should go away. DS