VANet

From Qontrol.nl Wiki
Jump to navigation Jump to search

VANet

Freedom vs anonimity

VANet was initially intended to be a Very Anonymous darkNet(work), similar to Anonet, but with some advantages.

However, it turned out that freedom is much more important than anonimity. For example, anonet provided you with anonimity, but if a few people personally do not like you or what you do, you're out. They (pretend to) care about anonimity, but do not care about freedom at all.

Therefore, VANet will prioritize the individual freedom, and at the same time allow people to be anonymous as they like.

Government

Just like every country or network, VANet will have some kind of authority. This autority consists of the people who run the network's backbone.

This authority is responsible for setting the standards, as well as maintaining stability of the network. In general, everyone is free to do on the network whatever they like; as long as it does not get other people on the network or the backbone administrators in trouble. In the worst case (apart from any legal consequences in the backbone's'country), the 'unwanted' user is disconnected from the backbone, but he/she is still free to connect directly to other members of the network (that's not our business).

The backbone administrators should make decisions in a democratic manner. Exceptions can be made in cases of emergency (eg someone misbehaving in a way that takes down the entire network), but must be discussed with the other administrators at a later time. It should be clear to everyone how to contact the administrators, and users have the right to file complaints about an administrator.

Addressing

Domain names

VANet will, just like the real internet, allow the use of internal domain names, always ending in .vanet. Some of domain names will be open for user registration, while others are limited to backbone administrators. The following list is a proposal.

  • .vanet - TLD
    • www.vanet - A web-based list of all content (wiki style, users can add/edit content)
    • irc.vanet - The official IRC network (anycast address)
    • *.core.vanet - Official services, registrations by backbone administrators
    • *.net.vanet - Official services, registrations by backbone administrators
    • *.info.vanet - Open for user registrations
    • *.talk.vanet - Open for user registrations

Resolving

Recursive nameservers will be made available by the backbone administrators. To prevent issues for people who use either only IPv4 or IPv6, there should also be some recursive nameservers which filter IPv6 or IPv4 respectively.

IPv4

No decisions have been made on this one yet...

IPv6

The network will also (primarily?) use IPv6 addresses, because:

  • There's plenty of address space we can use
  • The future of the internet is in IPv6, IPv4 support will be dropped in the future
  • The project may encourage the use of IPv6 for other purposes
  • IPv6 allows for cleaner reverse-DNS assignments

IP addresses

We will use and advertise public IPv6 addresses on the network. This includes 6to4 addresses. In addition, we can use a private (IANA Reserved) subnet for more anonimity. A route to the AnoNet IPv6 subnet will also be advertised.

  • nnnn:nnnn:nnnn:0000:0000:0000:0000:0000/48 - VAnet
    • nnnn:nnnn:nnnn:0000:0000:0000:0000:0000/52 - Special purpose / core services
      • nnnn:nnnn:nnnn:0000:0000:0000:0000:0000/64 - Core services
      • nnnn:nnnn:nnnn:00AA:0000:0000:0000:0000/64 - Anycast (DNS, IRC)
      • nnnn:nnnn:nnnn:00BB:0000:0000:0000:0000/64 - Backbone network
    • nnnn:nnnn:nnnn:1xxx:0000:0000:0000:0000/52 - Multihomed-client subnets
    • nnnn:nnnn:nnnn:2000:0000:0000:0000:0000/52 - Experimental use
    • nnnn:nnnn:nnnn:3000:0000:0000:0000:0000/52 - Router assignments
      • nnnn:nnnn:nnnn:3x00:0000:0000:0000:0000/56 - Router assignment
        • nnnn:nnnn:nnnn:3x00:0000:0000:0000:0000/64 - Router administrator's public services
        • nnnn:nnnn:nnnn:3x01:0000:0000:0000:0000/64 - Dynamically assigned client addresses
        • nnnn:nnnn:nnnn:3x02:0000:0000:0000:0000/64 - Staticallyassigned client addresses
        • nnnn:nnnn:nnnn:3xyy:0000:0000:0000:0000/64 - Client subnets

Backbone

The network will be built around a few 'core routers' (the backbone). These routers must meet a few requirements:

  • Reliable connection and server
  • Fast connection (at least 10Mbit)
  • May not be located in a politically unstable or otherwise dangerous country
  • Must provide access to end users
  • Must have a static IP address

Backbone routers

Every backbone router will:

  • Connect to all other backbone routers using the tinc vpn daemon
  • Connect to all other backbone routers using the BGP protocol to exchange routes
  • Get (or already have) an IPv6 subnet to share with it's clients
  • Be listed on the public website
  • Allow anyone to connect (unless the user is known to misbehave or the router has reached it's user limit)
  • Automatically assign an (dynamic) IP address to new users


Every backbone router may:

  • Assign a subnet to it's clients
  • Use some routing protocol to exchange routes with it's clients
  • NOT advertise any of it's clients' routes on the backbone network
  • NOT accept routes to subnets that don't belong to their clients (clients may peer with each other though)
  • Provide reverse DNS assignment
  • Provide access to the network over Tor/I2P/Hamachi (by tunneling the VPN over Tor/I2P/Hamachi)
  • Allow access from the internet to services on the private network (web proxy, public IRC server)
  • Provide and advertise public IPv6 addresses (6to4, some kind of tunnel)

Why VAnet?

  • Create something usable:
    • Decent speed and latency
    • IPv6 is already supported by many applications - many applications can be used on VAnet
    • Strong anonimity for those who need it through the use of Tor, I2P and Friend-to-Friend networking
  • Allows people to learn about networking in a real-life environment, but also allows easy access for those who just want anonimity and freedom of speech
  • There is some kind of authority (the backbone administrators), this is necessary to keep the network usable

Links