On Thu, Dec 24, 2015 at 03:22:44PM +0100, Emery Hemingway wrote:
A nice diagram that covers networking emotions: https://ipfs.pics/QmdQZ3NrrwWSqhzuUQeT6Qp8iW6Zy7RoPSnKqyiCDaYyj6
Yikes, though defense in depth is a valid strategy. ;) At home I'm running libreCMC on my router with a bridged modem.
I think we have some similar networking goals, I've been taking a break on my main projects to try and port Cjdns, which is a mesh networking engine. Wireless links are the obvious transport medium, but almost all links are actually UDP tunnels over the internet as a practical matter, so what you get in effect is a giant VPN. Because the address allocation is distributed (a requirement for a mesh network) it could be a good mate to Genode because each application can get its own IP and you can maybe throw away port numbers and firewalls. The problem is the code base is more or less maintained by a single person, and the addresses are not routable back and forth to the arpanet, but you can create tunnels.
Ironically I haven't gotten ipfs to work over Tor yet since it doesn't have proxy support. I've always wanted to set up a mesh network but I haven't found enough people (more than one) in my local area.
I've been working on a project (almost out of design stage) in regard to networking, but I haven't thought of the idea of having per-application addresses. Looking at IPv6, this seems obvious in retrospect. I'm not too concerned personally about compatibility with the Internet, I'd much rather see us building overlay networks and transitioning the overlays to hardware.
https://github.com/cjdelisle/cjdns I am over here http://fc00.org/#fcc4:c658:e905:393d:529f:5473:055f:4298
I've seen cjdns, though I've looked more at BATMAN. They probably serve two different purposes though. I spend most of my time toying with Tor.
It may or may not work, but either way I'm porting libuv, which is a nice library for writing networked servers, so at least then we get a nice base to start writing simple things like DNS proxies. It's actually been quite satisfying to port because the low-level lwIP callback interface is so much simpler than POSIX sockets, especially when all you want to do is trigger a callback.
Quite interesting! One peculiar problem I've hit which caused me to use a container is that DNS resolution is done through the C library, which in GNU tends to mean 'read /etc/resolv.conf and use that'. There's no way to say 'get me a DNS server through this interface', there's no concept of it. A DNS proxy would be a great help, though 'proxy' in Genode terms can mean a lot of things. Perhaps 'service' would work better?
Shamelessly hijacking the topic since I forgot to mention it in my post earlier and it kind of relates: A distributed operating system would be a great thing to have these days, and Genode's IPC means we could have an easier way of proxying our problems over the network. We're already going to do some work to have a GUI interface to multiple VMs, so it wouldn't be much work to have those VMs be physical machines or on other machines. In the end it'd be nice to have a set of computers configured centrally and accessible by however thin a client needed, and perhaps extended to allow migration across compatible devices.
It'd be really nice to see a system where I can work on my desktop, boot up my laptop, and alongside being able to remote in, transfer over actual running applications and then turn off my desktop. Looking more at the application level, it'd be an interesting thought experiment to look at this as less of an OS or application that needed to be migrated, and more of process trees and their resources. Having routing done by the process tree you migrate and IPs for each application sounds like it'd allow roaming between machines.
Cheers, Emery
Cheers, Jookia.