Comments (6)
It is probably possible to add some limits to how much is allowed to be sent via the supernode, but the current protocol actually uses this traffic to trigger the p2p communication. There is also the problem that if p2p connection cannot be established, it leaves the network in a hard to detect partitioned state.
from n3n.
Thank you for answering.
Is there any way to separate the “NAT hole-punching” traffic (or the initial traffic to establish a p2p connection)?
Would this again cause compatibility issues with the original n2n edge?
On top of that, I'm curious as to why n3n's logging output defaults to errout.
from n3n.
By the way, in use, I tested different NAT environments and found some issues:
I have categorized the mapping and filtering behaviors in the following table
I think it should be possible to establish p2p connections between class C users, but not in practice
from n3n.
The nat hole punching supernode traffic is both indistinguishable to the regular network packets and is encrypted such that the supernode cannot look at the packet data - so it will probably require an incompatible protocol change to achieve this seamlessly. It might be plausible to do some kind of rate limiting at the supernode, but the initial traffic would always need to traverse the supernode. Can you explain your use case in more detail?
There are a number of advances in the NAT traversal technology that we would like to add to the system - but from my side, that is waiting for a bunch of refactoring of the core code to make it easier to add in changes.
Where do you think the log output should go? In most cases, it is expected that these outputs are consumed by whatever is starting the daemon. When doing debugging and testting it is very handy to have the main log in stderr and separated from the output from the requested actions (in stdout)
from n3n.
Modifying the code related to NAT hole-punching is really a challenge. As the title says, I want my supernode to be used only for “nat discovery” and not to forward traffic between edges.
Regarding the log output, I observed that there is output from both stdout and errout.
With traceEvent
the output is defaulted to errout, but the one located in src/win32/wintap.c
uses printf
and system
output to stdout. this is different from the n2n which all outputs to stdout, so I have this question
from n3n.
Why are you wanting to force this use of your supernode? If we can understand better what you are trying to achieve then it might be possible to know what kinds of workaround would be possible to use.
Unfortunately, the win32 code was largely written without reference to the coding styles that are used in the entire rest of the codebase. As that code gets refactored, it should start using the traceEvent method for generating log messages for consistency. The output from the child processes and system() calls may be a little different, since their code cannot be updated to use traceEvent.
The longer term answer for logging on windows platforms may simply be to run the daemon as a windows service. Probably then sending the logging to the windows event log system (and losing any ability to see the messages from the child processes)
from n3n.
Related Issues (20)
- Why is *.service installed in /lib/systemd/system/? HOT 4
- The --docdir parameter in the ./configure is invalid. HOT 1
- 3.3.2 fails to build on OpenBSD 7.3 HOT 2
- Add IPv6 support HOT 3
- Investigate adding FEC HOT 4
- Traffic Restrictions on supernode? HOT 8
- Whitepaper for NAT traversal improvements HOT 2
- Investigate "edge: *** bit out of range 0 - FD_SETSIZE on fd_set ***: terminated" errors HOT 7
- Supernode crash when creating dynamic keys for username-password auth HOT 4
- dropped incoming data from unknown supernode HOT 3
- edge crashes on Windows, memory access violation (LZO decompression?) HOT 26
- I suspect that the memory access issue is not in the lzo library, but in the pointers that have been handed to the lzo. HOT 1
- JsonRPC needs pagination support HOT 1
- Can you add some features? HOT 9
- edge running,but has warning :"WARNING: n3n has not been compiled with libcap-dev; some commands may fail" HOT 2
- Can DHCP be added and placed in the same group, and edge can customize subnet masks? HOT 3
- Setting a static address should be simple
- Restarting edge can lead to "address already in use" errors
- Improve documentation and tools for routing / iptables
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from n3n.