Combining Tinc and Cspace

Guus Sliepen guus at tinc-vpn.org
Mon May 14 11:35:19 CEST 2007


On Tue, Apr 03, 2007 at 09:46:55AM +0200, Christian Cier-Zniewski wrote:

> Ok. Maybe the word integration is wrong here. Maybe it is more a
> frontend for TINC.
[...]
> As you may have seen there are some helper programs which provide some
> kind of integration for VNC, file transfer and chat. I also thought of a
> helper application which does nothing more than providing config-files
> for TINC, but handles the information exchange necessary to successfully
> establish a TINC-VPN with other buddies on the contact list. The
> TINC-TCP and TINC-UDP connections are handled by TINC itself as usual.
> So no modification of TINC is needed.

That's certainly possible. I don't have a lot of time to work on tinc at
the moment, so I won't be doing this. But if someone does provide such a
helper application, I can put it on the website for download.

> TINC uses a TCP connection for control and a UDP connection for data
> from what I understand. You have also implemented a TCP only mode.
> 
> Have you ever thought of a UDP only mode?

Yes. However, tinc needs to exchange data with peers in a reliable way.
TCP is made for this, UDP is not. OpenVPN works around this by
re-implementing TCP on top of UDP. That adds a lot of complexity to the
code.

> I am asking this with the idea above (Peer-to-Peer) in mind. If there
> were a UDP only mode, the clients could start UDP hole punching (for
> TINC-UDP) in their NAT routers, so a user would not even have to modify
> anything on the router.
> 
> AFAIK Skype and Hamachi are using such an approach. CSpace could provide
> the necessary mediation service for the first contact between the peers.
> But after connection establishment between the peers, you would only
> have P2P traffic without a central instance.

UDP hole punching doesn't work with all NAT routers and firewalls. You
can also do TCP hole punching, but that works with even fewer routers.
However, you need a third party anyway to do the UDP hole punching, it
could also do the TCP forwarding.

In the future, SCTP will probably be the transport protocol of choice.
It allows you to combine several data streams in one socket, and you can
choose per stream if you want reliable or unreliable delivery.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>