Hi! On Fri, Dec 18, 2015 at 12:03 PM, Dave Taht <[email protected]> wrote: > I guess I am puzzled about the need for tunnels in the architecture. > (I found the usage of "vpn" confusing, to me a vpn offers additional > features like encryption).
We use term VPN here to mean tunnels + broker tunnels. We use in-kernel tunnels for the performance reasons. Tunneldigger does not provide any encryption, if you want that, you can setup IPsec on top of your tunnels. We try to keep layers and concerns of various parts of our firmware separate. VPN deals with establishing tunnels. > You connect to each node (all 1400 of them?) to gather data via > nodewatcher? (Why not just have a dedicated "control" port?) No, all nodes connect to one or more VPN servers to send network data to the rest of the network, and also to the gateway. In our network network has a dedicated exit into the Internet. Node hosts just provide transit over their uplinks (in this way we protect them against various things). Our topology matches that of the People's open network, so you can see diagrams here: https://sudoroom.org/wiki/Mesh/Diagrams#Network_Topology_Diagram > or are the vpns merely to give you a single address space in the case > of a partitioned network and the other external links holding it > together? VPNs do many things. They have proven to be useful for more than just one reason. So you can connect parts of the network together where there is no WiFi links between those parts, and they are still the same network. They help having end-to-end connectivity. They allow easy bandwidth caps in *both* directions for people hosting nodes. They protect hosts from various issues. > I'm dying to know if ipv6 packets can transit all these different > product and link types from one edge of the network to > another.......... Why not? It is just one network. :-) Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m _______________________________________________ Babel-users mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/babel-users
