We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

tinc: the difficulties of a peer-to-peer VPN on the hostile Internet

00:00
subtitles
off
playback rate
1
subtitles
off
English (auto-generated)
playback rate
0.25
0.5
0.75
1
1.25
1.5
1.75
2
quality
576p
32
 Cite
 Share
 Related Material
 Download Purchase
Logo of FOSDEM VZWFOSDEM VZW
 Sliepen, Guus

Formal Metadata

Title
tinc: the difficulties of a peer-to-peer VPN on the hostile Internet
Title of Series
Number of Parts
97
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Rather than configuring tunnels, a tinc VPN is more or less specified by its endpoints. The tinc daemons will automatically set up tunnels in order to create a full mesh network. The problem in today's Internet is that many users are trapped behind NAT, and ISPs are known to drop ICMP packets, IP fragments, and/or UDP packets, making reliable connections between peers difficult. Another problem is how to manage authentication and authorization in a fully decentralized, but user-friendly way. In this talk I will look at solutions already implemented in tinc and other VPN software, and I look at future work to solve the remaining problems. tinc is a Virtual Private Network (VPN) daemon that automatically tries to create a full mesh network between peers. It can route IPv4 and IPv6 packets, or switch any type of Ethernet packet to create a virtual LAN. It can tunnel over IPv4 and IPv6, and runs on Linux, *BSD, Solaris, MacOS/X and Windows.
00:00
Virtuelles privates NetzwerkInternetworkingSoftwareCartesian coordinate systemInternetworkingPeer-to-peerFreewareState of matterBitComputer animation
00:31
UDP <Protokoll>Virtuelles privates NetzwerkRouter (computing)Server (computing)IPSecNumberDemonPresentation of a groupPoint cloudReverse engineeringTouchscreenVirtual machineVermaschtes NetzInternetworkingSoftwareSampling (statistics)Tap (transformer)Kernel (computing)Source codeLaptopSingle-precision floating-point formatServer (computing)Open sourceNeuroinformatikClient (computing)Computer-assisted translationRoutingProjective planeWater vaporWeightWebsiteClosed setComputer programmingCircleVirtualizationMobile appSubsetVirtuelles privates NetzwerkPeer-to-peerShared memoryUsabilityComputer animation
03:35
Virtuelles privates NetzwerkComputer networkVertex (graph theory)CircleInternetworkingLine (geometry)Green's functionUDP <Protokoll>Vermaschtes NetzInternetworkingConfiguration spaceIn-System-ProgrammierungAddress spaceInformationArc (geometry)Connected spaceSoftwareNetwork topologyMereologyLine (geometry)Block (periodic table)TelecommunicationTranslation (relic)Computer animation
04:54
Address spaceSource codeComplex (psychology)Router (computing)Arc (geometry)In-System-ProgrammierungLine (geometry)Solid geometrySlide ruleSource codeConnected spaceNavigationRoutingWeightInformationAddress spaceMathematicsComputer animationDiagram
06:00
Address spaceSource codeRouter (computing)Complex (psychology)Interior (topology)Vertex (graph theory)Block (periodic table)Virtuelles privates NetzwerkComputer networkDefault (computer science)Gateway (telecommunications)UDP <Protokoll>Internet service providerCache (computing)InternettelefonieHeat transferForm (programming)Video gameMechanism designAuthenticationAuthorizationInternetworkingWind tunnelConnected spaceAddress spaceSoftwareGateway (telecommunications)Traverse (surveying)Direction (geometry)Sampling (statistics)Utility softwareLimit (category theory)Execution unitRange (statistics)Server (computing)Public key certificateCommunications protocolNeuroinformatikÜberlastkontrolleMaxima and minimaClient (computing)In-System-ProgrammierungDefault (computer science)MappingWeb 2.0Block (periodic table)Type theorySystem administratorInformationDirect numerical simulationReal numberCASE <Informatik>Field (computer science)ReliefEncapsulation (object-oriented programming)Sound effectIP addressWeightOperating systemFirewall (computing)Shooting methodWeb serviceStreaming mediaImage warpingUniverse (mathematics)DemonBand matrixComplex (psychology)Ideal (ethics)Dynamical systemBitTelecommunicationVideoconferencingLevel (video gaming)Computer animation
13:01
AuthorizationAuthenticationProof theoryPublic key certificateKey (cryptography)EmailAddress spaceUniform resource locatorIdentity managementInformationWebsiteAuthorizationLimit (category theory)Electronic mailing listEmailIdentity managementSoftware frameworkSelf-organizationLibrary (computing)Public key certificateFormal verificationUniform resource locatorMultiplication signAuthenticationDecision theoryConnected spaceGroup actionAddress spacePhysical systemOpen setWeb 2.0Centralizer and normalizer1 (number)Set (mathematics)Computer animation
15:18
EmailAuthorizationDecision theoryLocal GroupLibrary (computing)WebsiteComputer animation
15:32
Computer animation
Transcript: English(auto-generated)