Hamachi "mediated" peer-to-peer sounds interesting (fwd from meltsner at gmail.com)
Alex Pankratov
ap at hamachi.cc
Fri Jan 7 20:00:49 PST 2005
Hi guys,

I looked at the thread and I'd like to comment on this -

>I wonder why they didn't use IPSec.

I know IPsec/IKE reasonably well, and I just don't like IKE.
It's too generic, it's under-specified and it's a fairly big pain
in the ass to implement (I wrote libike a couple of years ago).

Apart from being extensively peer-reviewed, the main benefit
of using IKE is a (supposed) interoperability with various vendors.
Since H doesn't need that I decided to go with a custom protocol,
which is nevertheless closely modeled after JFK and ESP.
Adam Back wrote:
> Ken Meltsner <meltsner at gmail.com> wrote:
>
>>Basically, a way to get around NAT and other router issues for a
>>peer-to-peer system, mostly seamlessly integrated as a special network
>>driver. Systems connect to a back end server which relays traffic
>>between peers on named private networks. Sort of P2P meets VPN -- if
>>they added HTTPS tunneling, it would run through nearly any corporate
>>firewall/proxy server.
>
>
> Well if they really relayed traffic between peers on their back end
> server their pipe would be saturated. (Think kazaa or bit-torrent
> over hamachi).
Apparently there's a demand for this kind of service. I'm getting
at least a couple of questions a day regarding proxy/socks support.
I very much doubt though that anyone in the near future will be offering
a _free_ service of this kind.
>
> I hope they actually use the server just for mediation, and send the
> traffic direct between peers.
Yes, that's exactly what we do. Server provides three core services -
* peer location
* tunnel mediation
* network management (i.e. peer grouping and group-level access control)
>
> Unfortunately the documentation is rather light so it's difficult to
> tell what it does in this regard.
I'm severely lacking time for updating the website. I do try to answer
all technical questions via email though.
>
> I've cc'd Alex Pankratov who is the author (I presume).
The presumption is correct.
> However maybe this beta version is not complete in that regard. Some
> other things such as the server mediated key exchange are obviously
> not shippable grade (server knows all symmetric keys!)
That's obvious to paranoids like you and me :), but not to an average
consumer who just needs to play CS or AoE over a VPN.