On Mon, Oct 11, 2010 at 8:51 AM, Christian Brĉdstrup <span dir="ltr"><<a href="mailto:linuxchristian@gmail.com">linuxchristian@gmail.com</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<br>
<div class="gmail_quote">2010/10/11 Melvin Carvalho <span dir="ltr"><a href="mailto:melvincarvalho@gmail.com" target="_blank">melvincarvalho@gmail.com</a></span><div class="im"><br>
<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left: 1ex;" class="gmail_quote">Any thoughts on a DynDNS system? Eben Moglen talked about this ...<br>probably something to go with the base?<br>
</blockquote>
<div> </div>
</div><div>Good point. There should be some kind of DynDNS system in the base perhaps along with the Tor based network some of the other guys are talking about. I don't know what the base solution would be. Perhaps including PageKite in the base and modifying the server to block external IP's to the web interface as standart? The system is still in a very early alpha but perhaps it would be a great solution for the future. Bjarni what is your view on that? I think you are the best person to answer that :)</div>
</div></blockquote><div><br>Cool, other people doing my advocacy for me!<br><br>PageKite is built around the idea that people will almost certainly want to run publicly visible servers on plug computers or other personal devices (including mobile ones). Eben mentioned dynamic DNS as a way to make this work, but in my experience dynamic DNS alone is insufficient. In addition to the DNS issues, today you also have to reconfigure routers (hard for non-techies, and hard for me because my ISP gave me a locked-down router) - and making stuff like this work on a mobile device which changes networks frequently is basically a lost cause. Also, if FreedomBoxes really do become the revolution that we aim for, we should expect multiple f-boxes behind the same router - sharing a single IP. Running services in that environment is decidedly nontrivial.<br>
<br>Enter PageKite: somewhere there is a front-end PageKite server with a public IP, and your PageKite back-end connects to it whenever it has a network connection, creating a persistent TCP/IP tunnel. The back-end then uses common dynamic DNS to direct public Internet traffic to the front-end, which then proxies any requests over the tunnel to the back-end. The back-end then connects, just like a normal reverse-proxy, to your local web-server, SMTP-server, or whatever it was you wanted to expose to the wider Internet.<br>
<br>The free-software PageKite implementation includes both the back-end and the front-end. So people can mix and match front-end providers (your friend could run one for you) and dynamic DNS providers. My company will be a one-stop-shop for getting up and running (names for sale, sub-domains for free, dynamic DNS and fast, managed, geographically distributed front-ends), but there is no lock-in - others can run front-ends and the back-end already has (untested) support for the protocol used by DynDNS and No-IP.com.<br>
<br>The alpha (which people are welcome to volunteer to help test) currently supports HTTP and HTTPS (end-to-end, PageKite doesn't need to decrypt the packets it just looks at the SNI header), and I plan support for XMPP, incoming SMTP (not outgoing or relayed, due to spam issues) and content-agnostic dynamically allocated high ports as well.<br>
<br>Note that not all protocols can be supported - only ones where the front-end can do "name-based" virtual hosting to choose which back-end to send traffic to. So things like SSH or TLS-encrypted IMAP won't work without modifications.<br>
<br>I don't see this as a replacement for tor or other truly decentralized, anonymous routing systems. This is solving a different problem, providing compatibility with the existing protocols and letting people use a FreedomBox to openly share with the public Internet. I think a lot of people want to be able to do that.<br>
<br>For obvious reasons I would love for this tech to go in the base image. I'm not exactly impartial though, so I'm bit shy about arguing the point too strongly - but I do really believe it can solve a huge issue for the FreedomBox.<br>
<br>I'm happy to answer any technical questions in more detail, and happy to let people try things out. I hope to open up for public testing and make an initial public release of the software in about a month. The PageKite intro I posted to my company blog is here: <a href="http://beanstalks-project.net/2010-09-21/Beanstalks_technology_preview">http://beanstalks-project.net/2010-09-21/Beanstalks_technology_preview</a><br>
<br>-- <br></div></div>Bjarni R. Einarsson<br>Founder, CEO and janitor of the Beanstalks Project.<br><br><a href="http://beanstalks-project.net/" target="_blank">http://beanstalks-project.net/</a> ~ <a href="http://bre.klaki.net/" target="_blank">http://bre.klaki.net/</a><br>