On Wed, 03 Sep 2003, Gordan wrote: > I've got a hypothetical question, and am consequently looking for a fairly > theoretical answer. > > Say I have a bunch of nodes on a fast LAN, on private IPs (say 10.x.y.z) and > those were connected to the internet via a much slower connection with NAT on > the firewall. One node, (say the most powerful one) has a public IP, e.g. > port forwarded from the NAT firewall.
<snip private lan with one internet-visible node> With NGR, what will happen is the internal nodes will find your gateway "supernode" to be the most reliable for pretty much any query. From the outside world, if an insert hits the gateway, it may or may not route to an internal address. Same with retrieval. About the only thing you really should do is patch the supernode to ALWAYS reset datasource so your internal addy's don't pollute the global namespace. You don't have to, since NGR will quickly give up on a reference it can't reach, and old-routing will bring the CP down quickly. You'll also want to stop internal nodes from connecting out, otherwise you'll end up with lots of dropped messages. (Freenet dosn't multiplex yet, so even if you hold open a TCP connection to an outbound node you can only get one message at a time through it. If a second one arrives for you, the outside node will try to establish a second connection to you to deliver it... which won't work) NGR + NIO2 + sessionv2 should let you work behind NAT as long as you can connect to a node outside. NGR keeps a connection open to any node in your routing table, NIOv2 will make message passing more efficient, and sessionv2 may (?) support sending a "I can't reach you, please open another connection to me" message. That's all quite a ways off, but freenet works now in your config with only minor changes. Matthew: How can they keep their internal nodes from being "polluted" with external noderefs? ResetDS at the gateway should stop them from learning that way, but if one node picks up a reference to the outside world and contacts it you're going to start dragging references in. I know someone else was looking into this, did they post a patch for filtering noderefs to the list or just mention that they'd done it? --Dan
pgp00000.pgp
Description: PGP signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
