Oh, is it possible to connect to the SocialVPN overlay on PlanetLab via the Internet? Neat! As for the STUN approach, that sounds about right -- have you measured the actual success rate of peers attempting to connect with it? I know a few people on the list (including me) have spent *A LOT* of energy on this topic, and it's really freakin' hard, but super awesome.
-david

On 01/17/2011 11:49 PM, Pierre St Juste wrote:
> Here's some explanation about distributed NAT traversal.
>
> We currently run a structured P2P overlay on Planetlab, when you run
> SocialVPN you join that structured overlay, we usually have about 500 -
> 600 nodes running. If node A wants to connect to node B, the following
> happens:
>
> 1 - node A sends a ConnectToMe (CTM) message to node B by using node B's
> P2P address (160-bit randomly chosen address).
>
> 2 - The CTM message contains node A's public IP and UDP port.
>
> 3 - Node B replies through the overlay with his public IP and UDP port
> and simultaneously sends a UDP packet to node A's public IP and port.
>
> 4. When node A receives the reply with node B's IP and UDP port, node A
> sends a UDP packet to node B's public IP and UDP port.
>
> 5. If you have a friendly NAT (not symmetric), then node A's packet will
> make it to node B's machine since node B has already sent a packet to
> that IP and port.
>
> We call it a distributed STUN server because the Brunet P2P library
> allows for discovery of one's public IP address and port and it also
> provides an all-to-all messaging layer needed to signal the start of UDP
> hole punching.
>
> As we all know, direct P2P communication is not always possible, in this
> case, a node that is reachable by both parties is chosen as the relay
> node and peers communicate through that.
>
> Finally our NAT traversal is a bit slower than regular STUN because the
> initial message is routed through a structured overlay that takes log(N)
> hops on average, but you may have dropped UDP packets and retries, so it
> may take milliseconds or a few seconds to set up direct P2P connection.
>
> These papers explain in more detail
>
> http://byron.acis.ufl.edu/papers/ipdps06ipop.pdf
>
> http://byron.acis.ufl.edu/papers/hpdc145-ganguly.pdf
>
> http://byron.acis.ufl.edu/papers/cops08.pdf
>
> Hope this helps.
> I encourage anyone interested to download SocialVPN
> and try it out, there is a Windows installer and Debian package. It
> currently works with GoogleChat or by emailing each other your P2P address.
>
> On Tue, Jan 18, 2011 at 12:49 AM, David Barrett <[email protected]> wrote:
>
> Wow, this looks really fantastic. I hadn't followed its progress but it
> sounds like it's come a long way really fast. I'd love to hear more
> about its distributed STUN service and NAT traversal. Do you have any
> data on its effectiveness, perhaps expressed as the likelihood that two
> arbitrary nodes will be able to connect directly via the internet? Is
> there a TURN or other relay service available as a fallback? Thanks!
>
> -david
>
> On 01/17/2011 08:13 PM, Pierre St Juste wrote:
> > I would like to point out the SocialVPN project
> >
> > http://socialvpn.org
> >
> > It is basically a P2P VPN which creates direct encrypted tunnels to
> > friends. It currently uses the XMPP protocol for friend discovery and
> > public key exchange. This VPN thus creates a social graph where edges
> > are IP links. This infrastructure can be used as an enabler for many
> > other social services. Here are a few examples
> >
> > 1 - Instead of using Skype, you can use Ekiga with Avahi, Avahi
> > extension for Ekiga will discover online friends through multicast over
> > the social virtual private network, you can then place SIP call directly
> > over IP link.
> >
> > 2. For instant messaging, you can use Empathy or Pidgin with
> > Bonjour/Avahi support, same concept as above.
> >
> > 3. For video stream, you can stream a video over HTTP or RTP using VLC
> > and your friends can connect directly.
> >
> > 4. For social networking, you can run a WordPress blog locally and have
> > your friends connect to that, or you can write a social networking
> > application that communicates with friends over SocialVPN using Berkeley
> > sockets API instead of having to deal with building P2P library that
> > deals with NAT traversal, peer search and so on.
> >
> > 5. All data sent between peers is encrypted and authenticated, basically
> > the same idea behind IPSec if you support PKI certificate exchanges.
> >
> > One of the hardest things about building social P2P systems is having
> > a user-friendly way to bootstrap these social links (or Darknets).
> > SocialVPN makes that step trivial so that developers can focus more on
> > making cool apps versus figuring out how to traverse NATs.
> >
> > I hope this helps.
> >
> > On Mon, 2011-01-17 at 18:57 -0800, David Barrett wrote:
> >> I'd suggest first figuring out why someone would pick a P2P social
> >> network over Facebook, from a perspective of legitimate functionality
> >> rather than just privacy (which as Facebook has demonstrated, isn't a
> >> killer feature). I'd suggest really emphasizing the fact that with
> >> P2P-Book, there is no "uploading" photos or videos: you can share entire
> >> folders of files, videos, documents, or whatever and they're instantly
> >> available to your friends -- without first uploading them somewhere else.
> >>
> >> Furthermore, emphasize that you're not sharing *copies* of the videos,
> >> songs, and photos -- you're sharing the originals: change the original
> >> (crop, reorient, touch up, tag with metadata, etc) and it's automatically
> >> updated.
> >>
> >> -david
> >>
> >> On 01/17/2011 12:51 PM, Jan Domański wrote:
> >>> Hey Michael,
> >>>
> >>> Thanks for the comments, they're helpful.
> >>>
> >>> A lot of this boils down to having two (or more) 'sides' of self. One
> >>> for general public, others for the rest; this is doable.
> >>>
> >>> Grudge-friendly and jackboot resistant, in ideal world, comes with the
> >>> 'distributed' and 'secure+encrypted'. But sure, seems to have been lost
> >>> in the implementation of at least one social network I can think of.
> >>>
> >>> As to the grandmother compatibility, at least to me, this is not
> >>> absolutely essential at first.
> >>>
> >>> Cheerio, Jan
> >>>
> >>> 2011/1/16 Michael Rogers <[email protected]>
> >>>
> >>> Hi Jan,
> >>>
> >>> Here's a quick list of features I'd like to see in any social network
> >>> (not just P2P ones):
> >>>
> >>> * Grandmother-compatible. It should be possible to be friends with my
> >>> grandmother without her seeing the photo of the time I did that thing
> >>> with the grapes.
> >>>
> >>> * Alcohol-compatible. There should be something as easy to remember as
> >>> an email address that I can give to random people I befriend while
> >>> drunk. And if they look me up the next day, there should be a polite way
> >>> of not responding.
> >>>
> >>> * Schoolproof. People should not be able to find my profile just because
> >>> we went to school together 20 years ago. Similarly, people should not be
> >>> able to find my profile just because I applied for a job at their
> >>> company (or at least, they shouldn't be able to see the photo of the
> >>> thing with the grapes).
> >>>
> >>> * Grudge-friendly. It should be possible to move my data from one
> >>> provider to another when the current provider accuses me of lacking
> >>> integrity because I don't want my grandmother to see the photo etc etc.
> >>>
> >>> * Jackboot-resistant. The Tunisian government should not be able to
> >>> steal my password by setting up a fake login page.
> >>>
> >>> Cheers,
> >>> Michael
> >>>
> >>> On 15/01/11 20:35, Jan Domański wrote:
> >>> > Hello everybody out there interested in p2p social networking,
> >>> >
> >>> > I'm doing a (free) p2p social network (just a hobby, won’t be big and
> >>> > professional like diaspora). It has been in the works since summer, and
> >>> > begins to get some shape. I'd like any feedback on things people
> >>> > like/dislike in the idea of a p2p social network and how this is solved
> >>> > by the little toy.
> >>> >
> >>> > I've currently written it in java, netty handles the networking, Qt is
> >>> > used for GUI. Some yml for configs and db4o for storage. Non-blocking
> >>> > xml (XMPP) parser is a missing puzzle. The app has been run only on a
> >>> > single machine, but it's already practical and I'd like to know what
> >>> > features most people would want. Any suggestions are welcome, but I
> >>> > won’t promise I’ll implement them :]
> >>> >
> >>> > Two demos (the top one is new) below, gitorious and blog links inside
> >>> > http://www.youtube.com/watch?v=0rAwCsYt16w
> >>> > http://www.youtube.com/watch?v=K1dujrhGvBQ
> >>> >
> >>> > Jan ([email protected])
> >>> >
> >>> > PS. Yes - it's all my own work and done as a scientist not a programmer,
> >>> > which has terrible implications for code ;)
> >>> >
> >>> > _______________________________________________
> >>> > p2p-hackers mailing list
> >>> > [email protected]
> >>> > http://lists.zooko.com/mailman/listinfo/p2p-hackers
>
> --
> Pierre St Juste
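The CTM exchange and UDP hole punch from steps 1-5 of the quoted explanation, as an added simulation that is not part of the thread and is not SocialVPN or Brunet code. The `Nat` class, its port-restricted filtering model, the overlay peer and all addresses and port numbers are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from itertools import count

OVERLAY_PEER = ("198.51.100.1", 40000)  # constructed overlay node address

@dataclass
class Nat:
    """Toy NAT (assumed model): port-restricted filtering, cone or symmetric mapping."""
    public_ip: str
    symmetric: bool = False
    ports: count = field(default_factory=lambda: count(50000))
    mapping: dict = field(default_factory=dict)   # destination key -> public port
    allowed: set = field(default_factory=set)     # (public port, remote endpoint)

    def send(self, dest):
        """Outbound UDP packet; returns the source endpoint the receiver sees."""
        key = dest if self.symmetric else "any"   # symmetric: new port per destination
        if key not in self.mapping:
            self.mapping[key] = next(self.ports)
        self.allowed.add((self.mapping[key], dest))
        return (self.public_ip, self.mapping[key])

    def accepts(self, src, dst_port):
        """Inbound packet passes only if we already sent to src from dst_port."""
        return (dst_port, src) in self.allowed

def connect(nat_a, nat_b):
    # Each node learns its public endpoint from what an overlay peer observed.
    a_pub, b_pub = nat_a.send(OVERLAY_PEER), nat_b.send(OVERLAY_PEER)
    # Steps 1-2: A's CTM, carrying a_pub, is routed to B over the overlay.
    # Step 3: B answers over the overlay with b_pub and sends UDP to a_pub.
    b_first = nat_a.accepts(nat_b.send(a_pub), a_pub[1])
    # Step 4: A learns b_pub from the reply and sends UDP to it.
    a_to_b = nat_b.accepts(nat_a.send(b_pub), b_pub[1])
    # Step 5: B's retry now finds A's NAT open as well (cone NATs only).
    b_retry = nat_a.accepts(nat_b.send(a_pub), a_pub[1])
    path = "direct" if a_to_b and b_retry else "relay"
    return {"b_first": b_first, "a_to_b": a_to_b, "path": path}

if __name__ == "__main__":
    for a_sym, b_sym in [(False, False), (True, False), (False, True)]:
        a = Nat("203.0.113.10", symmetric=a_sym)
        b = Nat("203.0.113.20", symmetric=b_sym)
        print(a_sym, b_sym, connect(a, b))
```

In this model B's first packet is dropped at A's NAT even when both NATs are cone, yet it is what opens B's side for A's packet in step 4. A symmetric NAT on either side advertises a port that differs from the one it uses toward the peer, so the pair falls back to the relay.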
