p2pnet.net News Feature:- While the people who run the entertainment cartels rage and scream, hopelessly locked in the physical 1990s, the rest of the world moves ahead in the 21st digital century, helping the future to open through peer-to-peer technologies.

Larytet’s Rodi is a decentralized p2p application purpose-designed to, “serve the filesharing community with fast data delivery and serve the Open Source community by facilitating faster software deployment.

There`s an excellent interview with Larytet by IntegrityP2P`s IP2P R&D team

Read on >>>>>>>>>>>>>>>>>>>>>>>>

IntegrityP2P’s Interview with Rodi Developer Larytet
By Vivacious – IntegrityP2P

IntegrityP2P: Can you give us an overview of what Rodi’s features are and what it can do?

Larytet: At the current phase this is not much – users can search the network using a filename or filehash (MD5) as a key, download and upload/share files, and run bouncer to proxy traffic for others. This is approximately 20% of initial functional requirements.

Main market for Rodi is LANs like corporate networks or campuses. Satellite internet where TCP underperforms is another.

IntegrityP2P: What inspired you to make Rodi?

Larytet: Probably the last drop was closing most popular torrent servers. I started to understand that this is probably much more serious than just MP3s or poor quality video clips. I decided to create a fully searchable and decentralized network, where publishers or content providers could stream data without exposing IP addresses.

IntegrityP2P: Where do you see P2P at in ten years, and what role do you think Rodi will play then?

Larytet: Does your question imply, “What is going to happen with distribution of copyright works” ? I expect that in the next 5 years authorities in most countries will require ISPs to provide realtime access to the full logs. Statefull firewalls are going to be mandatory if the ISP wants to keep their license. It will greatly influence both P2P and content providers. I think that the process is going to be bidirectional. Content owners will reduce prices and distribute many more titles in attempt to monetize “tails” -the 60% of customers who are not satisfied by pop music. On the other hand law enforcement is going to be significantly more effective than it is today.

If you ask about the legal applications of P2P, like Skype and Linux distros over BT it depends on how tolerant ISPs are going to be to the “parasitic” traffic. So far ongoing events do not provide many reasons for optimism. And if ISPs get access to the content at reasonable prices (think AOL/TimeWarner) there isn’t any business reason to run P2P based distribution networks. Video server can stream the data as well.

Another direction is grid networks. There are some other areas, but all of them are relatively small niches and I think out of scope of the question. I guess that Rodi will not survive 10 years, but I hope that some ideas from Rodi will.

Bottom line – traffic analyzers can be very effective. Enforcement of this or that policy is technologically possible today and getting cheaper and easier every minute. There isn’t much money discovered in P2P applications, but there is plenty of money invested in the firewalls and NATs because of corporate networks.

I would like to see that free “open source” artistic works create competition for the existing industry. In my view this is one of the most promising areas of using P2P.

IntegrityP2P: How does Rodi differ from other P2P apps?

Larytet: This is probably the most decentralized P2P network created so far. Rodi can run without super nodes,
GWebcashes, message boards, index servers, trackers two peers can find each other even from behind firewalls and NATs.

To my best knowledge this is the first P2P network functional requirements of which include things like faked RTP packets to circumvent traffic analyzers and firewalls.

This is the first attempt to create a P2P network which is searchable by content and effectively creates a fully decentralized search engine. Imagine that instead of Yahoo/Google/MSN everybody can run his/her own search engine and produce results according to the customized keywords tables. The Isaac Asimov fanclub can run their own search engine, and the Vietnam Vets of America their own.

IntegrityP2P: What kind of protections does Rodi offer to its users?

Larytet: Packet bouncing and the possibility to spoof IP source address. Rodi bouncers behave exactly like any proxy in other anonymous networks – forwarding packets to the destination.

IP spoofing is not possible for many, maybe not for most of the broadband users, but for those who can spoof IP source, Rodi is probably the only alternative.

IntegrityP2P: Rodi features “NAT Penetration”, how does that feature work, and who can benefit by using it?

Larytet: In the current version Rodi client creates malformed DNS packet and sends it to port 53 (DNS). It means that the Rodi client behind a firewall can send data only to Rodi clients using port 53. This is not the only limitation, but the most important one.

It works because apparently some firewalls do not implement any analyzing of DNS packets.In the future I expect that I’ll have to implement spoofing of RTP packets and HTTPS. Everybody sitting behind a firewall (University, business) can run a 300K applet directly from a WEB site (Try Rodi) or a USB disk or a floppy and gain access to the network. Part of the functional requirements is HTTP tunnelling. The moment it’s implemented every Rodi peer is going to be an HTTP proxy. It will create much more work for companies like Websense.

IntegrityP2P: At this stage of development, Rodi is currently too technical for the average p2p user to operate. Do you have plans to automate and simplify its configuration so that ‘Joe sixpack’ can use it too?

Larytet: Cleaning up the GUI front end and adding new features is a slow process. First versions of eMule are dated by summer 2002. For comparison, the first line of Rodi was written in the summer 2004. Rodi, and for that matter any other open source project, will not succeed without help and I do not ask for donations. Visit ‘Join Rodi’ page to find out how you can help the project.

IntegrityP2P: Why use udp instead of tcp/ip?

Larytet: I asked Bram Cohen that question – why TCP and not UDP. He thinks that using UDP is an amateurish

mistake. I agree that in general case TCP is a right protocol in right place. TCP is best or good enough for vast majority of the applications, not for all of them. One example is audio and video streaming. You can’t spoof IP source address if you establish TCP connection. To be more accurate you can’t do it with standard TCP/IP stack. TCP session starts with three way handshake. Both sides have to provide correct IP address otherwise handshake fails. A log of TCP session is rather reliable proof of IP source address. Some commercial systems even implement IP source filtering to protect SNMP/Telnet/FTP connections. It’s considered good enough by many in the industry.

Rodi at some point can support spoofing TCP sessions, but I do not have a timetable for this one and I am not sure that it’s possible to implement in portable way.

IntegrityP2P: What is a bouncer, and what role does it play in Rodi?

Larytet: Let’s say that A and B are two peers wishing to talk with each other. A wants to hide their IP address. A asks peer C to help. A sends packets to C instead of B and advertises the IP address of C. From now on B knows only IP address of C and not of A. A is completely hidden behind C. C is a bouncer.

If A can spoof his/her IP source address, the game is going to be even more interesting. A can ask C to forward all packets not to one but to ten different IP addresses. Only one of ten IP addresses belongs to A. Now even the bouncer does not know what is the real IP address of A. And yet another twist. If A can spoof their IP address, A can send data directly to B and improve performance.

In the answer above I skipped many technical details related to how Rodi bouncer works. Actually Rodi bouncer is a statefull firewall.

(Thanks, Carpe File)

================

Something you think we should know? tips[at]p2pnet.net

This entry was posted on Tuesday, April 26th, 2005 at 7:38 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 10841 times