[FoRK] [Pigdog] if you're not checking out cjdns, you should be

Eugen Leitl eugen at leitl.org
Sun Oct 7 08:12:46 PDT 2012


My comments to Miles.

----- Forwarded message from Eugen Leitl <eugen at leitl.org> -----

From: Eugen Leitl <eugen at leitl.org>
Date: Sun, 7 Oct 2012 17:01:42 +0200
To: The Pigdog mailing list <pigdog at lists.pigdog.org>
Subject: Re: [Pigdog] if you're not checking out cjdns, you should be
User-Agent: Mutt/1.5.18 (2008-05-17)
Reply-To: The Pigdog mailing list <pigdog at lists.pigdog.org>

On Sat, Oct 06, 2012 at 03:23:31PM -0400, Miles Nordin wrote:
> >>>>> "el" == Eugen Leitl <eugen at leitl.org> writes:
> 
>     el> This is all.

Very good questions, most of which I can't answer, so I passed
them to the designer. Arguably many of them are not yet determined,
since they require large-scale simulations.
 
> What is the problem being solved?  The elevator pitch says "easy to
> set up" and "secure".  This would not be enough to maintain my
> attention without your vouching for it.

The elevator pitch is missing most of it. The interesting part
is that it removes central address allocation (by using IPv6's 
FC00::/8) by random address generation (without draining entropy pool
too much, and it's a one-time operation at setup) and makes 
crypto public key part of the address. It uses lean and fast 
(djb's NaCl) crypto and does 700 GBit/s in software on an Opteron. 
It makes end users network operators, doesn't require them to 
speak BGP and creates a peer-accountable but otherwise not
censorable (tunnels over the wider Internet or local
loop are encrypted) network. The core logic is castable
to an ASIC, and doesn't need expensive (CAM) route memory
of current core routers. There's more, but these are interesting
features already.
 
> Potential problems to solve:
> 
>  * scalable mobility with optimal routing
> 
>    With existing Internet tools, I can assign a static IP to my laptop
>    and take it anywhere.  However, I won't have optimal routing.
>    Packets will go to a VPN head-end somewhere, then get bounced back
>    to my laptop.  I can't have a static IP that gives me 10ms to
>    nearby laptops and doesn't change when I move between US and
>    Australia.
> 
>    It's possible to do a useless version of this, ex. IS-IS with OSI
>    and other non-IP protocols with IGP's would route /32's within an
>    "area", like an office complex, and proprietary wireless networks
>    that are smart at L2 I think do this as well.  but it's useless for
>    US/AU mobility.
> 
>    It's possible to do this and not scale.  For example, the first-gen
>    airplane wifi had a /24 for the airplane announced into BGP, and
>    as the airplane hopped base stations, it would move its BGP
>    advertisement.  but DFZ is ~300k so we are 10^4 away from scaling
>    this.
> 
>    It sounds like maybe they solve it, but if they solve it at 300k
>    scale, well, dur, BGP does that, too.  as does any traditional
>    thing---OSPF over tunnels, tinc VPN, etc.  Do they solve it at 1
>    billion nodes?

I have no idea how fast this DHT thing updates, and how chatty it
is. I personally think the only way to solve this problem is to separate
node identity from location, and use GPS and mutual time of flight
node triangulation to realtime-refresh physical address (/64 space
is about enough for an Earth-sized planet) and local node connectivity
via LoS radio or light. The routing needs to be L2 and cut-through,
with ability to scale to TBit/s and beyond so it needs proper packet
layout (most significant bits follow first, directly switching the
crossbar (precomputed path in the header, bits tweaked off at the
top as the assembly propagates across space or very minimal
logic (subtraction), no memory lookup beyond what the crossbar
knows about link labels) in the photonic domain.
 
>  * fast mobility for mesh networks
> 
>    Do these guys match performance of OLSR or whatever "hazy-sighted
>    link-state" protocol the Freifunk guys are using?  Can I use this
>    thing *off* the Internet---give them their dream, all links are
>    radio or optical---cover a mountain with 10,000 skiers, and place
>    end-to-end calls from one slope to another, while the skier is
>    going down the mountain?
> 
>    Existing routing protocols have trouble with this.  It's unclear
>    how theirs is better.

No idear. Didn't design this, don't know exactly how it works, not
aware of any large scale simulations.
 
>  * censorship resistance
> 
>    Tor has trouble in China because anything widely available to
>    individuals is available to gov't as well, so it's easy to
>    blacklist any entry nodes that are widely available.
> 
>    Does this have some property that it's easy for people to join,
>    hard for the GFW to stop others from joining even if they're able
>    to join themselves, and resistant to gov't-sponsored DDoS?  Tor
>    doesn't have these properties, and they're badly needed.

I understand each end user is also a router, and only peers with
people close to them and trusts. The connectivity is low, and ideally
you can carry at least 2-3 hops on the local wireless mesh, the
rest goes over the greater Internet or long-range WiFi (Ubiquiti etc).
 
>    If it came with the limitation, "well, we can make all those
>    promises, but once you're on, you can only reach .onion addresses",
>    that's completely ok, because we just add a Tor entrypoint to the
>    cjdns network, or give important services .onion addresses.

The name space thing is being worked on. No reason why you wouldn't
run Tor on it, so .onion namespace available additionally.
 
> It seems like they'd want to pick one of these actual problems and
> explain how they fix it better than stuff that's already a lot more
> popular than they are.  "easy to set up" and "secure" are not actual

Project is less than a year old, actual code around 6 months old,
network roughly 150 nodes at the moment. It is alpha, so in a sense
it's my fault to attract attention to a project maybe prematurely.

> problems.
> 
> -- 
>   00 
>  (--)
> ( || )
> ^^~~^^




-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
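
The message above says cjdns generates addresses at random inside FC00::/8 and makes the public key part of the address. The sketch below is an added example, not part of the original message and not cjdns code; it shows that binding and how a peer can check a claimed address against a key. The derivation used (first 16 bytes of SHA-512 of SHA-512 of the public key, first byte 0xFC) comes from cjdns's published design rather than from this thread, and the stand-in "public keys" are constructed hash outputs, not real Curve25519 keys.

```python
import hashlib
import ipaddress

# The range named in the message; every valid address must fall inside it.
CJDNS_PREFIX = ipaddress.ip_network("fc00::/8")


def address_from_pubkey(pubkey: bytes) -> ipaddress.IPv6Address:
    """Derive the IPv6 address: first 16 bytes of SHA-512(SHA-512(pubkey))."""
    if len(pubkey) != 32:
        raise ValueError("expected a 32-byte public key")
    digest = hashlib.sha512(hashlib.sha512(pubkey).digest()).digest()
    return ipaddress.IPv6Address(digest[:16])


def is_valid_binding(pubkey: bytes, claimed: str) -> bool:
    """True only if the key hashes into fc00::/8 and to exactly `claimed`."""
    try:
        derived = address_from_pubkey(pubkey)
        claimed_addr = ipaddress.IPv6Address(claimed)
    except ValueError:  # wrong key length or unparsable address
        return False
    return derived in CJDNS_PREFIX and derived == claimed_addr


def find_demo_key(seed: bytes, max_tries: int = 100_000):
    """Search stand-in keys until one hashes into fc00::/8.

    Assumption for the demo: candidates are SHA-256(seed || counter), which
    keeps the run reproducible. A real node draws fresh key pairs instead
    and needs about 256 attempts on average, once, at setup.
    """
    for i in range(max_tries):
        candidate = hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        addr = address_from_pubkey(candidate)
        if addr in CJDNS_PREFIX:
            return candidate, addr, i + 1
    raise RuntimeError("no candidate landed in fc00::/8")


if __name__ == "__main__":
    key, addr, tries = find_demo_key(b"constructed-demo-seed")
    print(f"address {addr} found after {tries} candidate keys")
    print("binding verifies:", is_valid_binding(key, str(addr)))
    forged = bytes([key[0] ^ 1]) + key[1:]  # a different key, same claimed address
    print("forged key verifies:", is_valid_binding(forged, str(addr)))
```

Because the address is a hash of the key, no allocation authority is needed, and a node that claims an address without holding the matching key fails this check.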

