On Wednesday 03 September 2003 18:21, Dan Merillat wrote: > On Wed, 03 Sep 2003, Gordan wrote: > > I've got a hypothetical question, and am consequently looking for a > > fairly theoretical answer. > > > > Say I have a bunch of nodes on a fast LAN, on private IPs (say 10.x.y.z) > > and those were connected to the internet via a much slower connection > > with NAT on the firewall. One node, (say the most powerful one) has a > > public IP, e.g. port forwarded from the NAT firewall. > > <snip private lan with one internet-visible node> > > With NGR, what will happen is > the internal nodes will find your gateway "supernode" to be the most > reliable for pretty much any query. From the outside world, if an > insert hits the gateway, it may or may not route to an internal > address. Same with retrieval.
I would actually hope that provided the other private nodes are actually used directly, they would start to accumulate data and fit themselves into their own specialised areas. Once they all had a reasonably amount of data in them, they would, hopefully, start cooperating and passing data without having to go outside to fetch it. > About the only thing you really should do is patch the supernode to > ALWAYS reset datasource so your internal addy's don't pollute the global > namespace. I don't think that would happen anyway. From what I understand from Matthew's previous post, private IP addresses get automatically ignored by default anyway, unless an option in the config file is set. > You don't have to, since NGR will quickly give up on a > reference it can't reach, and old-routing will bring the CP down > quickly. That would be precisely the desired effect. > You'll also want to stop internal nodes from connecting out, > otherwise you'll end up with lots of dropped messages. (Freenet dosn't > multiplex yet, so even if you hold open a TCP connection to an outbound > node you can only get one message at a time through it. If a second one > arrives for you, the outside node will try to establish a second > connection to you to deliver it... which won't work) Stopping outward connections is not a problem, any half-decent firewall solution can do that. > Matthew: How can they keep their internal nodes from being "polluted" > with external noderefs? Is that really necessary? Surely, the polution will not have any real effect because the nodes will quickly learn that they cannot route to those nodes. More to the point, the nodes other than the border node don't have to have a default route out of the network, thus IP will RNF before things get any further. > ResetDS at the gateway should stop them from > learning that way, but if one node picks up a reference to the outside > world and contacts it you're going to start dragging references in. I don't know how Freenet handles such situations, but I would guess that external node references would quickly end up being dropped from the routing table. Gordan _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
