I’m looking at creating a P2P system. During initial research, I’m reading from Peer-to-Peer – Harnessing the Power of Disruptive Technologies. That book states “a fully decentralized approach to instant messaging would not work on today's Internet.” Mostly blaming firewalls and NATs. The copyright is 2001. Is this information old or still correct?
+2
A:
It's still largely correct. Most users still are behind firewalls or home routers that block incoming connections. Those can be opened easier today than in 2001 (using uPnP for example, requiring little user interaction and knowledge) but most commercial end-user-targeting applications - phone (Skype, VoIP), chat (the various Messengers), remote control - are centralized solutions to circumvent firewall problems.
Pekka
2010-03-05 15:31:43
when you call on skype it goes over p2p
Andrey
2010-03-05 15:38:55
@Andrey the connection is established through a central server, which is the point of this question.
Pekka
2010-03-05 15:43:52
this is the point that i didn't understood. if it is p2p, what is meant by "established through a central server"?
Andrey
2010-03-05 15:56:57
@Andrey read the link in Chris Lively's comment in his answer, it explains pretty well how a hole is punched in two firewalls.
Pekka
2010-03-05 15:57:57
+1
A:
Firewalls and NATs still commonly disrupt direct peer-to-peer communication between home-based PCs (and also between home-based PCs and corporate desktops).
They can be configured to allow particular peer-to-peer protocols, but that remains a stumbling block for most unsavvy users.
Oddthinking
2010-03-05 15:32:24
+2
A:
I would say that it is just plain wrong, both now and then. Yes, you will have many nodes that will be firewalled, however, you will also have a significant number who are not. So, if end-to-end encryption is used to protect the traffic from snooping, then you can use non-firewalled clients to act as intermediaries between two firewalled clients that want to chat.
You will need to take care, however, to spread the load around, so that a few unfirewalled clients aren't given too much load.
Skype uses a similar idea. They even allow file transfers through intermediaries, though they limit the through-put so as not to over load the middle-men.
That being said, now in 2010, it is a lot easier to punch holes in firewalls than it was in 2001, as most routers will allow you to automate the opening of ports via UPNP, so you are likely to have a larger pool of unfirewalled clients to work with.
Aaron
2010-03-05 15:37:25
@Aaron Skype establishes the connection through a central server. Punching holes is still impossible in a considerable number of client PCs all over the world, especially behind corporate firewalls.
Pekka
2010-03-05 15:44:48
Almost. Skype does not establish connections between users via a central server. The only thing a central server is used for is authentication to the skype network and boot-strapping clients (giving them some clients to connect to). They may also use it for directory services, and likely it is used for skype-out and voice mail, but that goes beyond the scope of the question. But user to user calls are definitely negotiated via P2P.
Aaron
2010-03-05 17:43:28
IIRC, eMule's Kad network at least works this way. Control traffic for firewalled clients is forwared by non-firewalled "buddies". Documentation on this seems a little sparse though, or at least somewhat difficult to find.
DataWraith
2010-03-12 20:36:38
A:
It's very old and not correct. I believe there is a product out called Tribler (news article) which enables BitTorrent to function in a fully decentralized way.
If you want to go back a few years (even before that document) you could look at Windows. Windows networking used to function in a fully decentralized way. In some cases it still does.
UPNP is also decentralized in how it determines available devices on your local network.
In order to be decentralized you need to have a way to locate other peers. This can be done proactively by scanning the network (time consuming) or by having some means of the clients announcing that they are available.
The announcements can be simple UDP packets that get broadcast every so often to the subnet which other peers listen for. Another mechanism is broadcasting to IIRC channels (most common for command and control of botnets), etc. You might even use twitter or similar services. Use your imagination here.
Firewalls don't really play a part because they almost always leave open a few ports, such as 80 (http). Obviously you couldn't browse the network if that was closed. Now if the firewall is configured to only allow connections that originated from internal clients, then you'd have a little more work to do. But not much.
NATs are also not a concern for similiar issues.
Chris Lively
2010-03-05 15:40:36
@Chris Firewalls do play a part - it still is impossible to actively establish a connection to a PC sitting behind a standard router or firewall, be it on port 80 or not. This is why every major communication service uses a centralized go-between to which both clients actively connect.
Pekka
2010-03-05 15:47:30
@Pekka: If both sides are firewalled, then yes an intermediary is used. This is why I said they don't really play a part anymore and you would have a little more work to do. Incidentally, skype has a great post on how all of this works: http://www.skype.com/help/guides/p2pexplained/
Chris Lively
2010-03-05 15:55:35
@Chris I know the contents of the link. The need for an intermediary is what makes this difficult for a decentralized messaging service IMO, which is what the OP asked about. It is 2010, and you still can't reliably establish a direct p2p connection to another computer. You can work with lists of intermediaries that can establish a connection just like Skype does, but then you have a centralized infrastructure again,don't you? Anyway, I admit a workable p2p solution could be built using a "swarm" of intermediaries who establish the connection.
Pekka
2010-03-05 16:00:02
@Pekka: From that perspective you are right, "true" p2p can't work on the global internet. I guess I was approaching it more from a "I personally don't have to provide the intermediary" point of view. Having that one intermediary makes it trivial to monitor all communications, where as decentralizing the intermediary to function on multiple outside hosts is entirely feasible and neatly sidesteps the issue.
Chris Lively
2010-03-05 16:05:43
A:
Thanks everyone. It looks like I have more research to do on UPNP, Tribler and Skype. I also found another resource at http://openp2p.com/.
I am also going a take a closer look at "overlay networks" and see if they provide some potential.
Cordially,
stephen
Stephen Deetz
2010-03-06 18:29:21