public inbox for nncp-devel@lists.cypherpunks.ru
From: John Goerzen <jgoerzen@complete•org>
To: Koushik Roy <meff@meff•me>
Cc: nncp-devel@lists.cypherpunks.ru
Subject: Re: NNCP road warrior
Date: Wed, 12 Jan 2022 15:07:31 -0700
Message-ID: <87wnj4ppzw.fsf@complete.org>
In-Reply-To: <87czl24rxe.fsf@pop-os.localdomain>

On Sat, Jan 08 2022, Koushik Roy wrote:

> John Goerzen <jgoerzen@complete•org> writes:
>
> I've joined the public mesh for this before and played around. It never
> occurred to me to try to use this (or CJDNS) and have the underlying
> mesh handle the routing for me. This sounds like a pretty great idea
> honestly. It might even be a fun "social" way for folks to peer on
> NNCP. Offering a handoff between an NNCP net on Hyperboria or the
> Yggdrasil equivalent and a separate NNCP network on the regular net
> might be interesting too. Lots of possibilities here!

I absolutely agree!  I hope to get the Quux public relay available on
Yggdrasil in the near future.

FWIW, cjdns is no longer maintained and Hyperboria is also in decline.
Yggdrasil is both the software (akin to cjdns) and network (akin to
Hyperboria) and is explicitly designed to address some of the
shortcomings in cjdns and BATMAN.

>> Tinc vpn https://tinc-vpn.org/ is another option.  While it came along
>> long before Yggdrasil, I think of it as sort of a private-only
>> alternative.  Like Yggdrasil, it has mesh routing so you can reach any
>> of your nodes via any others so long as there is a path somewhere,
>> somehow.  Unlike Yggdrasil, it's aimed more at traditional VPN uses and
>> lets you specify your own IP ranges, routing between networks, etc.
>
> The reason I didn't want to go with a Tinc/OpenVPN/WireGuard solution is
> configuration. Configuring routes is a pain, and I don't want to have to
> remember different IPs in different situations. Though when I phrase it

This is absolutely a great point.  Yggdrasil is sooo easy.  Though the
tradeoff is, if you peer with the main net anywhere, you probably want
to have a firewall in place (not a bad idea anyhow, really) since it
effectively gives you an unfiltered public IP.

>> A sort of third option is Tor.  I've tried this for a while, and operate
>> a couple of nncp-daemons as a Tor onion service.  This achieves the
>> portability I'm looking for, but is slow.  EXTREMELY slow.  So slow, in
>> fact, that NNCP seems to have a 10-second timeout on connect that often
>> gets triggered.
>
> Tor seems a bit overkill here? NNCP is already doing its own
> encryption. The onion routing doesn't seem as useful, but then again, it
> depends on your use case. It would be interesting to set up an NNCP
> hidden service that hands messages off to Usenet. Or this would only be
> interesting to me and I'm weird, which is a perfectly acceptable result.

So the reason I was using Tor is because hidden services on Tor are
(except for things like Yggdrasil) one of the easiest ways to be able to
run nncp-daemon on a connection that can't have a public listening port.
Also in some cases, Tor lets people bypass restrictive firewalls and
such.  In fact, the Quux public relay is available via Tor.  I have
used this technique to get files to my home machine from remote - but as
I said, it's so slow and I don't really need the anonymity at the Tor
level anyhow.

> Thanks for the recommendation. I have no idea why I completely forgot
> about CJDNS and Yggdrasil. I'm probably going to set those up instead
> and mesh my machines together and use NNCP over that. I can't believe I
> missed something so obvious. I never ended up doing any measurements to
> see what the overhead incurred by the mesh was the last time I was
> playing around with CJDNS and Yggdrasil, so this seems like a good
> opportunity to.

I tried it out at home.

I have 2.5Gbps LAN cards between my main workstation and a server.
Yggdrasil was running at about 1Gbps on that, which had the CPU on the
slower of the machines pegged, presumably due to encryption and such.
Over the public Internet, when I have my laptop at a remote location
peered directly to a computer at home, the latency of ssh is half what
it was when using a bastion box in between them.  Also mosh is finally
usable for me due to the stability of IPs.

NNCP over Yggdrasil is quite fast and well-performing, too.

John


>
> - Koushik
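
The firewall mentioned in the message above, sketched as an nftables ruleset; this is an added example, not part of the original message or of the NNCP or Yggdrasil projects. It assumes the Yggdrasil interface is named "ygg0" (the IfName setting in yggdrasil.conf) and that nncp-daemon listens on TCP port 5400; adjust both to the local setup.

```nftables
#!/usr/sbin/nft -f
# Added example. Assumed names: interface "ygg0", nncp-daemon on TCP 5400.
# Load with: nft -f <this file>

table inet ygg_filter {
    chain input {
        type filter hook input priority 0; policy accept;

        # Only police traffic arriving over the mesh interface. An accept here
        # ends this chain only; other input chains on the host still apply.
        iifname != "ygg0" accept

        # Replies to connections this host opened (ssh, mosh, nncp-call).
        ct state established,related accept
        ct state invalid drop

        # ICMPv6 errors keep path MTU discovery working; echo-request
        # keeps the node pingable for diagnostics.
        icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request } accept

        # The one service meant to be reachable from the mesh: nncp-daemon.
        # 200::/7 is the Yggdrasil address range.
        ip6 saddr 200::/7 tcp dport 5400 accept

        # Everything else that arrives over Yggdrasil is dropped and counted.
        counter drop
    }
}
```

`nft list table inet ygg_filter` shows the drop counter, which indicates how much unsolicited traffic the mesh address is receiving.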
