Re: Tor speed
> On Fri, Feb 13, 2009 at 12:55 PM, Scott Bennett <bennett@xxxxxxxxxx> wrote:
>> By reinventing TCP within tor, the proponent(s) believe they can achieve
>> better overall performance, even though they lose the basic operating-system
>> level of support for reliable delivery in the process and I think they lose one layer
>> of encryption, as well.
> I would go with this question further: why reinventing TCP over UDP
> again in general? General solutions and implementations for that
> already exist. For example, Tor could just simply add another layer
> with OpenVPN (or just OpenVPN based) system.
> One hackish, to show my idea, solution could be to build first a world
> wide VPN network based on OpenVPN with internal IPs, each Tor node
> would get one. Modify Tor nodes to open a new TCP circuit (even if it
> already exists) with a target node for every data stream. And this is
> it. Data streams would not be multiplexed in one TCP session (hm, does
> this decrease security?) so if one TCP stream has packet loss this
> will not influence other, and rebuilding a TCP connection from UDP
> packets would be done by OpenVPN.

If I understand this correctly, node-to-node transmission would still be
adding another layer of TCP sequencing to any underlying TCP connection
sent into the network on the client end; however, that new TCP sequence
wouldn't be "in the clear" as it previously was, but would be
encapsulated courtesy OpenVPN's UDP engine.

It's still there, however.

Ideally, node-to-node transmission would *not* add another TCP
sequencing layer; any TCP-based protocol which wants to use the network,
would do its own housekeeping. The overlay network shouldn't do any
sequencing of its own.

(I'm going to have to look more into this SCTP stuff, by the way; I
don't know much about it, and it sounds interesting.)

Owner of Tor node "kitsune"