EOF - Turning the Internet Outside In

Let's hack an open Internet, starting at home.
______________________

Doc Searls is Senior Editor of Linux Journal

Comments


Hacking from the Outside In

FredR

I've recently done quite a bit of hacking from the "ends" of the internet back inside. And I'm very, very excited about it. Having no one really to share this with, I figured I would post it here.

At home my primary workstation runs Slackware 13 and can run a multitude of virtual guest machines. I've built it for that reason. I also have a DSL connection to the internet, nothing fancy, 8mb/512kb and a static IP. I also have a few IPv6 tunnels from HE.net.

My goal was to run virtual machines with private IPv4 addresses but public IPv6 addresses. Today that goal is a reality. There's a project called vde2 (Virtual Distributed Ethernet) from a group called VirtualSquare. To me, an understanding of internet protocols and this project were crucial. This is a virtual switch. A virtual switch which can also connect to other virtual switches over the internet.

So, on my server at home, I run a virtual machine. It gets an IPv4 address of 10.22.22.0/24 and can connect through to the regular internet via NAT. It's also running radvd and handing out IPv6 addresses, but public ones. So every virtual machine I run gets a different public IPv6 address.

Now it gets even more interesting. I'm currently sitting at work. I can run a vde switch locally, and connect it (via ssh) like a virtual plug or crossover cable to home. Now if I run virtual machines (or even my host machine as this is a laptop), my local tap0 interface gets an IPv6 address... from home. As long as my IPv6 default gateway is correct, I'm connecting to the IPv6 internet using the IPv4 internet as a foundation. I connect through my office connection to home, then out to the IPv6 internet.

I can now run more than a dozen different OS's, from different physical locations, using the same IPv6 subnet from any physical location.

It was a bit of work on my part. But imagine wrapping this in a nice bundle and selling it as a service?

Internet hacking from the outside in, to go.

Come talk to me in #linuxjournal on freenode. I'm [flrichar] (n=fredr@2001:470:e075:2200:216:3eff:fe1e:eecb): Fred Richards, or [FredR](n=fredr@2001:470:e075:2200:d0ae:93ff:fe26:8415): Fred Richards ...
or someone@2001:470:e075:2200::0/64

I'm sure I'll run out of nicknames before I run out of IPs or virtual machines.

-- FLR or flrichar is a superfan of Linux Journal, and goofs around in the LJ IRC Channel
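Added example, not part of the comment above: the two addresses quoted in it are SLAAC addresses built from the radvd-advertised /64 plus a modified EUI-64 interface ID, so each one discloses the guest's MAC address. The sketch below audits a list of addresses for that pattern; the function names and the third sample address are constructed for illustration.

```python
import ipaddress

def mac_from_eui64(addr):
    """Return the MAC embedded in a modified-EUI-64 interface ID, or None.
    Heuristic: a random interface ID can contain ff:fe by chance."""
    iid = ipaddress.IPv6Address(addr).packed[8:]   # low 64 bits of the address
    if iid[3:5] != b"\xff\xfe":                    # EUI-64 filler bytes
        return None
    octets = bytearray(iid[:3] + iid[5:])
    octets[0] ^= 0x02                              # undo the universal/local bit flip
    return ":".join(f"{b:02x}" for b in octets)

def slaac_eui64(prefix, mac):
    """Build the address a host derives from a /64 prefix and its MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 SLAAC needs a /64 prefix")
    octets = bytearray(int(part, 16) for part in mac.split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC")
    octets[0] ^= 0x02                              # flip the universal/local bit
    iid = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])
    return net[int.from_bytes(iid, "big")]

def audit(addresses):
    """Map each address that exposes a MAC to (mac, kind of MAC)."""
    findings = {}
    for addr in addresses:
        mac = mac_from_eui64(addr)
        if mac is None:
            continue
        local = int(mac[:2], 16) & 0x02            # set: not a vendor-assigned MAC
        findings[addr] = (mac, "locally administered" if local else "vendor-assigned")
    return findings

SAMPLE = [
    "2001:470:e075:2200:216:3eff:fe1e:eecb",   # quoted in the comment
    "2001:470:e075:2200:d0ae:93ff:fe26:8415",  # quoted in the comment
    "2001:470:e075:2200::1",                   # constructed: manually assigned
]

if __name__ == "__main__":
    for addr, (mac, kind) in audit(SAMPLE).items():
        print(f"{addr} exposes MAC {mac} ({kind})")
```

On Linux guests the `use_tempaddr` sysctl (RFC 4941 temporary addresses) or a stable-privacy address generation mode (RFC 7217) keeps the MAC out of the address. Because every guest here holds a publicly routable address with no NAT in front of it, each one also needs its own IPv6 firewall policy.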

Simple Data Provider

FredR

As a Sr Network Engineer for an application data services company, I would _love_ to hack the internet from the ends inward. In fact, in theory, I guarantee I could build what you are looking for. I could build it in my head. But in reality, there are several hurdles to overcome.

Doc, you talk of home networking, but trust me, the typical consumer-grade networking equipment is pretty weak and limited. Networks are typically designed and built from the core out, with each piece of equipment having particular roles and responsibilities. From the core, out to the distribution level, then finally to the fringes of the access layer. Typically, access equipment could not handle the vast processing power necessary in the core.

Not saying that it couldn't be done, but an upgrade to end user and CPE equipment would be in order. Linux would take the same consumer hardware much, much further.

Another hurdle would be to keep the historical players out of the loop. Why do the telcos and cablecos have a duopoly? Well, whenever anyone needed a wire to their home, they were the only ones in the business of running those cables. Long distance, high bandwidth wireless (802.16 WiMAX perhaps) would be a better alternative, based on standards of course.

Another bad habit of ISPs is oversubscribing. Most companies are in business to make money, at any and all costs, to the point where I've seen some pretty crazy over-subscriptions. Your cable headend node probably serves upwards of 4000 people. Do you live in a highly populated area?

So at the CPE side, you want a powerful, wireless unit, with lots of diversity. With the ability to connect to many others, where the greater number of your neighbors would work in your favor instead of against it. That piece really needs the "bittorrent" effect. Think that can be done currently with IPv4? I don't think so.

Where are we going to get millions of IP addresses per end user? I'm sure IPv6 could fill that gap.

These are just some of my ideas. Instead of following the normal layers, from physical on up, I'm thinking more of the top down, solving issues with protocols first. It still needs some underlying infrastructure help to flesh out.

One of my dreams is to create a "data provider". A company whose sole purpose is to run data to your home. That's it. DNS? Email, web hosting? On your own. Supply only raw IP connectivity. The local water authority doesn't dictate how I use water in my home, so why is my ISP so involved in my data?

Just some thoughts.

-- FLR or flrichar is a superfan of Linux Journal, and goofs around in the LJ IRC Channel
