- Peer-to-peer mesh VPN
- Smolmesh2 is a mesh network that can route packets over arbitrary peerings.
- It is a continuation of ittnet (Ileri Teknoloji Toplulugu net), which is confusingly on GitHub as network01.
Packet routing
To communicate with a node, you don’t need to be directly connected to it. As long as there is a path between the two nodes, directly or through other peers, you can talk to it.
Route discovery
Here’s what we currently do.
- Flood a packet through the network.
- Nodes record which peer the packet came from first. This is considered the “fastest path” to that node.
- When we want to route a packet to that node, we send it through the peer that is the fastest.
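The following simulation of the three steps above is an added example, not code from smolmesh2. The topology, the latencies and the function names are constructed for illustration, and links are assumed to have the same latency in both directions. The `seen` set is the duplicate suppression a flood needs so that copies arriving later over slower paths are dropped instead of being re-flooded around loops.

```python
import heapq

# Constructed sample topology: undirected links with one-way latency in ms.
LINKS = {("A", "B"): 5, ("B", "C"): 5, ("A", "C"): 30,
         ("C", "D"): 10, ("B", "D"): 40}

def neighbours(links):
    """Build an adjacency map {node: {peer: latency_ms}} from the link list."""
    adj = {}
    for (u, v), ms in links.items():
        adj.setdefault(u, {})[v] = ms
        adj.setdefault(v, {})[u] = ms
    return adj

def flood(links, origin):
    """Flood one discovery packet from `origin`.

    Returns {node: peer}, where peer is the neighbour that delivered the
    first copy, i.e. the next hop that node will use to reach `origin`.
    """
    adj = neighbours(links)
    next_hop = {}
    seen = {origin}                      # duplicate suppression, stops loops
    # Queue entries: (arrival time, receiving node, sending peer).
    queue = [(ms, peer, origin) for peer, ms in adj[origin].items()]
    heapq.heapify(queue)
    while queue:
        now, node, sender = heapq.heappop(queue)
        if node in seen:                 # a later copy: drop, do not re-flood
            continue
        seen.add(node)
        next_hop[node] = sender          # first arrival wins
        for peer, ms in adj[node].items():
            if peer != sender:
                heapq.heappush(queue, (now + ms, peer, node))
    return next_hop

def route(links, src, dst):
    """Hop-by-hop path from src to dst, using the table built by dst's flood."""
    table = flood(links, dst)
    path = [src]
    while path[-1] != dst:
        path.append(table[path[-1]])     # KeyError here means no path exists
    return path
```

In this topology A reaches D through B and C (20 ms in total), even though A has a direct but slower link to C.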
Addressing nodes
In the network, each node is given an IPv6 address. Each node address has the IPv6 prefix fd00:.
There is a translation from human-readable names to IPv6 addresses. This is done by hashing the name with the SPECK cipher.
The reference client supports multiple transports. The default transport uses TCP. Every peer connection is encrypted and authenticated using the SPECK cipher.
Task list
- Automatic peer discovery using BitTorrent trackers.
  - Hash “smolmesh2”, the transport type (“legacy_tcp”) and the key you’re using to authenticate connections into an “infohash”.
  - Announce that to the tracker with the port you’re listening on.
  - Now clients can easily auto-discover and connect to you if they know the password. Without the correct key, they can’t even auto-discover the IP/port.
- Implement WebSocket transport to use with browsers.
- Packet types to create TCP sockets without using tuntap (for userspace networking without root).
  - Or instead of that, use the regular IPv6 packet type and implement TCP on top (but TCP is supposedly very complex and tricky to get working).
- CI/CD with nightly builds for smolmesh2. I should be able to wget a working and up-to-date copy easily.