author | Philipp Tölke <toelke@in.tum.de> | 2011-11-09 09:29:30 +0000 |
---|---|---|
committer | Philipp Tölke <toelke@in.tum.de> | 2011-11-09 09:29:30 +0000 |
commit | 64b0fb18370d240b164c817a9025a37d45e55536 (patch) | |
tree | 0a6fe5fb91bf0ca59caa3ff9e9619dddbcb3f519 /src/vpn | |
parent | ab024711eb32e6736ea93b3917b9a39f72c0f033 (diff) | |
documentation for developers/performance-metrics
Diffstat (limited to 'src/vpn')
-rw-r--r-- | src/vpn/README | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/src/vpn/README b/src/vpn/README index 9329e665b..c1d514df2 100644 --- a/src/vpn/README +++ b/src/vpn/README | |||
@@ -17,7 +17,7 @@ gnunet to access legacy services! | |||
17 | Offering Services | 17 | Offering Services |
18 | ----------------- | 18 | ----------------- |
19 | 19 | ||
20 | If you want to offer services such as your webpage vi gnunet you have to have | 20 | If you want to offer services such as your webpage via gnunet you have to have |
21 | add "exit" to the DEFAULTSERVICES and an entry like the following to | 21 | add "exit" to the DEFAULTSERVICES and an entry like the following to |
22 | ~/.gnunet/gnunet.conf: | 22 | ~/.gnunet/gnunet.conf: |
23 | 23 | ||
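Review bot: the sentence fixed at line 20 still reads "you have to have add" once it is joined with line 21, so the typo fix leaves a grammar error in the same sentence. Suggest dropping the second "have" while this line is being touched, giving: you have to add "exit" to the DEFAULTSERVICES and an entry like the following.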
@@ -51,8 +51,6 @@ If you want to allow other users to send traffic over your | |||
51 | internet-connection, add the options "ENABLE_UDP = YES" and "ENABLE_TCP = YES" | 51 | internet-connection, add the options "ENABLE_UDP = YES" and "ENABLE_TCP = YES" |
52 | to the section "exit" of the configuration. | 52 | to the section "exit" of the configuration. |
53 | 53 | ||
54 | TODO: routing | ||
55 | |||
56 | Be aware, that this enables people to use your internet connection for | 54 | Be aware, that this enables people to use your internet connection for |
57 | nefarious things which might make you liable! | 55 | nefarious things which might make you liable! |
58 | 56 | ||
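Review bot: dropping "TODO: routing" at old line 54 leaves the exit section without any mention of routing, directly above the liability warning. If the routing description added under "For Developers" is what resolves this TODO, a one-line pointer to it here would let an operator who sets ENABLE_UDP and ENABLE_TCP see which traffic the node will forward.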
@@ -61,7 +59,7 @@ For Developers | |||
61 | 59 | ||
62 | The gnunet-vpn is a combination of three programs: | 60 | The gnunet-vpn is a combination of three programs: |
63 | 61 | ||
64 | - gnunet-daemon-vpn opens a tap-interface, configures it and controls the | 62 | - gnunet-daemon-vpn opens a tun-interface, configures it and controls the |
65 | network | 63 | network |
66 | - gnunet-service-dns configures a hijack for outgoing DNS-requests, so that | 64 | - gnunet-service-dns configures a hijack for outgoing DNS-requests, so that |
67 | they get sent to gnunet-daemon-vpn, which sends them on to | 65 | they get sent to gnunet-daemon-vpn, which sends them on to |
@@ -82,6 +80,16 @@ These programs exchange whole TCP- or UDP-packets, they only strip of the | |||
82 | IP-header. This way gnunet achieves translation between IPv6-services and | 80 | IP-header. This way gnunet achieves translation between IPv6-services and |
83 | IPv4-clients and vice versa! | 81 | IPv4-clients and vice versa! |
84 | 82 | ||
83 | The gnunet-daemon-vpn receives packets on the tun-interface and routes them: | ||
84 | - everything to port 53 (dns) will be sent to the gnunet-service-dns | ||
85 | replies to these queries will be sent from the gnunet-service-dns back to | ||
86 | gnunet-daemon-vpn which will then fill in a newly generated IP-Adress, save | ||
87 | it and a descriptor of what kind of address it is (for a .gnunet-service or for | ||
88 | a "real" service) to a hashmap and send the reply back through the interface | ||
89 | - for every non-dns packet the hashmap is queried if the destination-adress is known | ||
90 | if it is, the packet gets sent to either the peer advertising the service or | ||
91 | (via the mesh by-type mechanism) to any peer that allows exit-functionality | ||
92 | - everything else is dropped | ||
85 | 93 | ||
86 | Hijacking the DNS-Traffic | 94 | Hijacking the DNS-Traffic |
87 | ------------------------- | 95 | ------------------------- |
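Review bot: the routing list added at new lines 83-92 is ambiguous about the unknown-destination case: the second bullet only says what happens "if it is" known, and the reader has to infer that "everything else is dropped" covers a non-DNS packet whose destination is not in the hashmap. Suggest stating that explicitly in the second bullet and ending the bullet lead lines with a colon or full stop so the continuation lines do not run on. The text also says the generated address is saved to the hashmap but not when an entry is removed, which is worth one sentence. Spelling: "IP-Adress" (line 86) and "destination-adress" (line 89) should be "Address"/"address".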
@@ -126,3 +134,16 @@ beforehand (\texttt{\$LOCALPORT}) will be routed normally. Line 2 marks every | |||
126 | other packet to a DNS-Server with mark $3$ (chosen arbitrarily). The third | 134 | other packet to a DNS-Server with mark $3$ (chosen arbitrarily). The third |
127 | line adds a routing policy based on this mark $3$ via the routing table | 135 | line adds a routing policy based on this mark $3$ via the routing table |
128 | "table2" which is populated with just the default route. | 136 | "table2" which is populated with just the default route. |
137 | |||
138 | |||
139 | Performance Measurements | ||
140 | ======================== | ||
141 | |||
142 | These tests were done between hosts (i7 with 2.67GHz and Core 2 with 2GHz) | ||
143 | connected by a switched Gigabit Ethernet. | ||
144 | |||
145 | scp direct (100MiB file): 33.3MiB/s (as shown by scp) | ||
146 | udp echo direct (6 Bytes of data): 0.000333 (measured by tcpdump) | ||
147 | |||
148 | scp over gnunet (100MiB file): 20KiB/s (as shown by scp) | ||
149 | udp echo over gnunet (6 Bytes of data): 0.078410s (measured by tcpdump) | ||
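Review bot: the direct UDP echo figure at new line 146 has no unit ("0.000333"), while the gnunet figure at line 149 is given in seconds; add the "s" so the two are comparable. The numbers would also be easier to reproduce if the section said which of the two hosts was sender and which receiver, and which gnunet revision and configuration the 20KiB/s and 0.078410s results were measured with.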