[Babel-users] Some thoughts about Babel (feature requests)

[Mitar]

Hi!

On Fri, Dec 18, 2015 at 12:03 PM, Dave Taht <dave.taht at gmail.com> wrote:
> I guess I am puzzled about the need for tunnels in the architecture.
> (I found the usage of "vpn" confusing, to me a vpn offers additional
> features like encryption).

We use term VPN here to mean tunnels + broker tunnels.

We use in-kernel tunnels for the performance reasons.

Tunneldigger does not provide any encryption, if you want that, you
can setup IPsec on top of your tunnels. We try to keep layers and
concerns of various parts of our firmware separate. VPN deals with
establishing tunnels.

> You connect to each node (all 1400 of them?) to gather data via
> nodewatcher?  (Why not just have a dedicated "control" port?)

No, all nodes connect to one or more VPN servers to send network data
to the rest of the network, and also to the gateway. In our network
network has a dedicated exit into the Internet. Node hosts just
provide transit over their uplinks (in this way we protect them
against various things).

Our topology matches that of the People's open network, so you can see
diagrams here:

https://sudoroom.org/wiki/Mesh/Diagrams#Network_Topology_Diagram

> or are the vpns merely to give you a single address space in the case
> of a partitioned network and the other external links holding it
> together?

VPNs do many things. They have proven to be useful for more than just
one reason. So you can connect parts of the network together where
there is no WiFi links between those parts, and they are still the
same network. They help having end-to-end connectivity. They allow
easy bandwidth caps in *both* directions for people hosting nodes.
They protect hosts from various issues.

> I'm dying to know if ipv6 packets can transit all these different
> product and link types from one edge of the network to
> another..........

Why not? It is just one network. :-)


Mitar

-- 
http://mitar.tnode.com/
https://twitter.com/mitar_m