http://wiki.ucis.nl/index.php?action=history&feed=atom&title=Peer2CloudPeer2Cloud - Revision history2026-04-26T06:07:57ZRevision history for this page on the wikiMediaWiki 1.38.4http://wiki.ucis.nl/index.php?title=Peer2Cloud&diff=142&oldid=prevAdmin: 1 revision imported2022-11-09T14:49:53Z<p>1 revision imported</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<tr class="diff-title" lang="en">
<td colspan="1" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="1" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 16:49, 9 November 2022</td>
</tr><tr><td colspan="2" class="diff-notice" lang="en"><div class="mw-diff-empty">(No difference)</div>
</td></tr></table>Adminhttp://wiki.ucis.nl/index.php?title=Peer2Cloud&diff=141&oldid=prevAdmin at 02:49, 4 December 20102010-12-04T02:49:24Z<p></p>
<p><b>New page</b></p><div>=== Design decisions ===<br />
# Route discovery on demand, instead of route announcements<br />
# Explicit per packet, source specified route<br />
# End to end NaCl encryption<br />
# Loop detection based on NaCl public keys<br />
# Supports many different types of addresses and protocols, including IPv4 and IPv6<br />
<br />
=== Other features ===<br />
* Cheap source specified routing (just one byte per hop)<br />
* Optional load balancing over multiple routes (will also reduce the impact of a failing route)<br />
* Broken routes are not detected, and thus not used (the discovery has to travel the entire path in both directions)<br />
* Allows for meshes of any form to be built<br />
* No "broadcast" traffic resulting from route announcements<br />
* No more ghost routes<br />
* Actual network topology is mostly hidden from anybody in the network<br />
* Individual IP addresses are authenticated using NaCl public key cryptography<br />
<br />
=== Limitations ===<br />
* Maximum of 255 hops<br />
* Need for broadcasts for route discovery<br />
* Discovery packets are rather large<br />
* Data broadcast packets tend to get rather large because of the key based loop detection<br />
<br />
<br />
<br />
=== Protocol spec (alpha version) ===<br />
<br />
P2P cloud protocol<br />
<br />
* After a Resource Discovery, the IP address and remote private key are cached<br />
* During renewals, the lookup targets the remote private key, the IP address is not queried again<br />
* If multiple private keys announce the same IP address, the IP address should be blocked, until administrator intervention has occured<br />
* Data packets may be encrypted end-to-end (recommended)<br />
* Resource and path discovery packets have a small encrypted data field to verify authenticy of the key<br />
* All packets may be encrypted between peers, but this is not required<br />
* Resource lookups include IPv4 addresses, IPv6 addresses, IPX addresses, and other resources for which recurring communications are useful<br />
* Actual data packets are routed as specified by the originator.<br />
<br />
Routes are specified using local peer ID numbers, these consist of 1 octet per peer, and are meaningful only to a specific node<br />
* It's meaning is comparable to a port number on an ethernet switch<br />
* A local peer ID must be unique within the context of one node<br />
* A local peer ID should not be reused for another peer within a certain time interval<br />
* A local peer may have multiple local peer IDs to hide the network topology<br />
* A node may insert artificial peer IDs to hide the network topology, but this must be done sparingly!<br />
* A node may insert additional peer IDs, if it has more than 255 peers, it can simply use two octets as a 16 bit integer, and pretend to be 2 nodes<br />
* Route specifications for a certain path are usually different in both directions!<br />
* The source of a route lookup may add a one or two octet session identifier, that it associates with the remote public key<br />
<br />
Packet type<br />
# Resource discovery - origin resource, destination resource, trace, keys<br />
# Route discovery - key, trace, keys<br />
# Route confirmation - route, trace<br />
# Route ping - route, trace, data<br />
# Route pong - route, data<br />
# Data - route, data<br />
# Broadcast data - destination resource, keys<br />
<br />
Packet contents<br />
* Flags / Type - Packet type code<br />
* Origin resource (type, value) - Resource that originated a resource discovery<br />
* Destination resource (type, value)- The resource to discover<br />
* Key - The key to discover, or the key that was discovered in a resource discovery<br />
* Route (length, values) - list of peer IDs (bytes), which specifies the intended route<br />
* Trace (length, values) - list of peer IDs (bytes), which specifies the traced route (in a trace/discovery request)<br />
* Keys (count, values) - list of unique keys to prevent loops (in broadcasts)<br />
* Data<br />
<br />
Initializing communication with another node consists of a few steps:<br />
# Path discovery, either:<br />
## Resource discovery - if the remote public key is not known<br />
## Path discovery - if the remote public key is known<br />
# Reverse path confirmation<br />
* Both ends cache the discovered paths, and should regularly verify the known paths (PING).<br />
* Either end may at any time request a new path discovery, if it has insufficient routes, or simply to detect possibly faster/better paths.<br />
<br />
Resource discovery<br />
# The initiator broadcasts a 'Resource discovery' packet to all it's peers<br />
#* Type = resource discovery<br />
#* Optional: Origin resource = initiator resource<br />
#* Destination resource = resource to locate<br />
#* Route = [ initiator session ID ]<br />
#* Keys = [ initiator public key ]<br />
# On reception, a node checks whether it serves the requested resource<br />
## If so:<br />
### It creates a session for the initiator public key (if it does not already exist)<br />
### It adds the traced route to the list of routes for that session<br />
### It sends a Reverse path confirmation via the traced route:<br />
###* Type = route confirmation<br />
###* Origin resource = located resource<br />
###* Key = located public key<br />
###* Route = [ local session ID ]<br />
## If not:<br />
### It checks whether it's key is listed in the Keys field, if so, the packet is discarded<br />
### If the Route field has reached 255 entries, the packet is discarded<br />
### It adds the local peer ID of the sending peer to the Route, and it's local key to Keys<br />
### It broadcasts the packet to all of it's peers (except the sending peer)<br />
### Step 2 repeats<br />
<br />
Path discovery<br />
* This is used when looking for a public key.<br />
* After a resource discovery, the located public key should be cached, and can be re-used in a path discovery.<br />
* The procedure is very similar to the Resource discovery<br />
<br />
== Alternative less promiscuous protocol ==<br />
A sends to X:<br />
A sends discovery to peers B and C, hopcount=1<br />
B sends discovery to C and D, hopcount = 2<br />
C sends discovery to B and D, hopcount = 2<br />
C ignores discovery from B (higher hopcount)<br />
B ignores discovery from C (higher hopcount)<br />
D sends discovery to X (hopcount=3)<br />
D ignores second discovery (time out)<br />
X answers D (hopcount=1, return=4)<br />
D answers B (hopcount=2, return=4), request from B arrived first with equal hopcount<br />
B answers A (hopcount=3, return=4), request from A arrived with lowest hopcount</div>Admin