[Freedombox-discuss] The FB Base system

Mon Oct 11 11:23:41 UTC 2010

2010/10/11 Christian Brædstrup <linuxchristian at gmail.com>

>
> 2010/10/11 Bjarni Rúnar Einarsson bre at beanstalks-project.net
>
>> Enter PageKite: somewhere there is a front-end PageKite server with a
>> public IP, and your PageKite back-end connects to it whenever it has a
>> network connection, creating a persistent TCP/IP tunnel. The back-end then
>> uses common dynamic DNS to direct public Internet traffic to the front-end,
>> which then proxies any requests over the tunnel to the back-end. The
>> back-end then connects, just like a normal reverse-proxy, to your local
>> web-server, SMTP-server, or whatever it was you wanted to expose to the
>> wider Internet.
>
>
> I think that sounds like a great place to start when doing projects for the
> non-tech user. But then you need to config both the front-end and back-end.
> If you are able to config your router can you then run both front- and
> back-end on the same system?
>

The protocol is designed to require very little configuration. The front-end
and back-end only need to agree on authentication for a given domain,
everything else is negotiated on the fly. Obviously the back-end needs to
know what service it requires, but that is the sort of thing that can be
predefined by the packaging system (once it knows what DNS name it is
using).

If you can tweak your router you can run your own front-end (or one for you
friends). And if you have a static IP and always use the same front-end,
then you don't need the dynamic DNS stuff either.

Later on I hope to add uPNP support to the back-end, so it won't even need a
front-end if the local router is willing to open up ports automatically...
but this is more of an optimization than anything, as it will only work some
of the time, and only for one back-end at a time.

>
>
>> The free-software PageKite implementation includes both the back-end and
>> the front-end. So people can mix and match front-end providers (your friend
>> could run one for you) and dynamic DNS providers. My company will be a
>> one-stop-shop for getting up and running (names for sale, sub-domains for
>> free, dynamic DNS and fast, managed, geographically distributed front-ends),
>> but there is no lock-in - others can run front-ends and the back-end already
>> has (untested) support for the protocol used by DynDNS and No-IP.com.
>
>
> Can you get at the back-end without going through the front-end? I am
> thinking that if there should be a web interface to FB then you need to be
> able to access it from your local network after installing the system and
> not having to setup the front-end before that. Or can you config the
> pagekite webserver to route local trafic to a web interface and the frontend
> trafic to your public services?
>

I'm working on this - currently the PageKites always runs in pairs, but I do
want the back-end to be able to run independently as well (this is necessary
for uPNP as mentioned above).

In the end this is actually not a PageKite issue, but more of a DNS issue -
when at home you want yourdomain.com to resolve to local machines, when you
are outside you want it to resolve to your front-end, wherever that is. This
implies that you need a DNS server at home which knows which domains are
local and which aren't. Getting that right isn't rocket-science, but it's a
lot of stuff that needs careful configuration to interoperate properly.

-- 
Bjarni R. Einarsson
Founder, CEO and janitor of the Beanstalks Project.

http://beanstalks-project.net/  ~  http://bre.klaki.net/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20101011/92789abf/attachment.htm>