EOF - Turning the Internet Outside In

Let's hack an open Internet, starting at home.

You can only hack what's hackable. We owe Linux to the fact that operating systems are hackable, and that they can run on common hardware, much of which is also hackable. We also owe Linux to the Internet, which is a hack on wiring and data trafficking.

For PCs and mobile devices, Linux is a defaulted choice. It's at GandhiCon 4. That and the first three GandhiCons are implicit in the Mohandas Gandhi quote, “First they ignore you, then they laugh at you, then they fight you, then you win.”

The Internet, however, is another matter. The Internet Protocol (IP) arrived at GandhiCon 4 by 1981 (with IPv4). That's because it was created as what we might call a public protocol, connecting devices using just about any kind of network wiring, hardware and data link protocols (Ethernet, Token Ring, FDDI and so on), without prejudice. This made it easy and cheap for anybody to use.

By design, the Internet Protocol was decentralized. It reduced network complexity inside the network as far as possible, while relying on intelligence at its end nodes. It was even agnostic toward addressing schemes, leaving choices up to implementations at higher levels in the stack and resolution up to the Address Resolution Protocol (ARP).

Alas, what most people know best about the Internet is not its decentralized, depoliticized and free (as in both freedom and beer) public nature, but rather its centralized, politicized and costly (as in both freedom and beer) private one. This is the Internet of domain names that are privately owned (actually, rented), controlled by a central naming authority (the Internet Corporation for Assigned Names and Numbers, or ICANN) and filled with “pipes” mostly owned by private interests and highly cartelized. This is not an Internet to which we can simply connect. Instead, it's one we can “access” only through Internet Service Providers—a class of businesses that was born when small independent companies found ways to make the Internet available to anybody with a land line and has since become the tertiary service of phone and cable companies selling “broadband” or “high-speed Internet” as the third act in a “triple play”.

Although the former Internet is hackable, the latter one is not.

As it happens, I've been living in the hackproof hell of the private, centralized Internet for the last two weeks, during which time my home connection here in Santa Barbara has been intermittently plagued by high latencies and packet losses. My ping and traceroute tests clearly isolate the problem somewhere between my cable modem and the first IP address my packets encounter: a gateway downtown that's also owned by the cable company. Cable company technicians that have come to my house (four so far) have excused from blame my cable modem and all wiring between it and the service pole. They know the problem is somewhere in their system. They still have not solved it, and neither can I, even with help from many friends far geekier than myself.

So here is a radical proposition. Let's build the Internet we want—a free, open and hackable Internet—from the outside in.

This is something Bob Frankston has been advocating for many years. What Bob wants is simple connectivity between any points floating on the vast resource he calls our “sea of bits”. His latest label for this is “ambient connectivity”. In his essay “Opportunity for Innovation”, Bob writes, “Once we can assume connectivity we can start taking advantage of the opportunities. It's not just about high-value applications like education, commerce and entertainment. It's about basic infrastructure. We won't discover the real value until we've had a chance to experience ambient connectivity.” In a follow-up essay titled “Zero Marginal Cost”, he adds:

The idea that we can create our own solutions using raw, unreliable bits is at the heart of the Internet's generativity....

We've already seen the power of zero marginal cost. It was the availability of unmeasured local phone service that gave the United States the lead in adopting the Internet in the 1990s. We rejected digital phone service because the phone companies chose to charge a premium for that service. We just worked around it using modems because there was zero marginal cost for using the existing infrastructure.

Bob's model of the Internet is home networking, expanded outward through converging communities. In my interview with Bob for the March 2008 issue of Linux Journal (www.linuxjournal.com/article/10033), he said, “The networks in our homes are a good example. You 'just' print without worry about negotiating for the printing provider.”

As it happens, I'm also shopping for home networking gear—in particular, for a router/switch to connect the 16 Ethernet jacks scattered about the house. Cat-6 wiring runs from each of those jacks to a patch panel in a wiring closet. The cable company's modem is in there too.

Lemme tell ya, if there's a category ripe for disruption, it's home networking. I've been looking at Belkin, Cisco/Linksys, D-Link, Netgear and others—none of which are especially helpful. The 8-port device I'm replacing is a Netgear router/switch that was billed as a “VPN Firewall” but failed at the essentials: its gears were stripped by the cable company's new 20Mb downstream data speeds.

So let's look at making the Net hackable from the outside in. VCs always are asking about market size and “pain points” in need of relief. I can't think of a bigger, or more ideally hackable, pain than the one we find right at home.

Doc Searls is Senior Editor of Linux Journal. He is also a fellow with the Berkman Center for Internet and Society at Harvard University and the Center for Information Technology and Society at UC Santa Barbara.


Comments


Hacking from the Outside In


I've recently done quite a bit of hacking from the "ends" of the internet back inside. And I'm very very excited about it. Having no one really to share this with, I figured I would post it here.

At home my primary workstation runs Slackware 13 and can run a multitude of virtual guest machines. I've built it for that reason. I also have a DSL connection to the internet, nothing fancy, 8mb/512kb and a static IP. I also have a few IPv6 tunnels from HE.net.

My goal was to run virtual machines with private IPv4 addresses but public IPv6 addresses. Today that goal is a reality. There's a project called vde2 (Virtual Distributed Ethernet) from a group called VirtualSquare. To me, an understanding of internet protocols and this project were crucial. This is a virtual switch. A virtual switch which can also connect to other virtual switches over the internet.

So, on my server at home, I run a virtual machine. It gets an IPv4 address of 10.22.22.0/24 and can connect through to the regular internet via NAT. It's also running radvd and handing out IPv6 addresses, but public ones. So every virtual machine I run gets a different public IPv6 address.

Now it gets even more interesting. I'm currently sitting at work. I can run a vde switch locally, and connect it (via ssh) like a virtual plug or crossover cable to home. Now if I run virtual machines (or even my host machine as this is a laptop), my local tap0 interface gets an IPv6 address... from home. As long as my ipv6 default gateway is correct, I'm connecting to the ipv6 internet using the ipv4 internet as a foundation. I connect through my office connection to home, then out to the ipv6 internet.

I can now run more than a dozen different OS's, from different physical locations, using the same IPv6 subnet from any physical location.

It was a bit of work on my part. But imagine wrapping this in a nice bundle and selling it as a service?

Internet hacking from the outside in, to go.

Come talk to me in #linuxjournal on freenode. I'm [flrichar] (n=fredr@2001:470:e075:2200:216:3eff:fe1e:eecb): Fred Richards, or [FredR](n=fredr@2001:470:e075:2200:d0ae:93ff:fe26:8415): Fred Richards ...
or someone@2001:470:e075:2200::0/64

I'm sure I'll run out of nicknames before I run out of IPs or virtual machines.

-- FLR or flrichar is a superfan of Linux Journal, and goofs around in the LJ IRC Channel
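
The addresses quoted in the comment above have the shape that radvd plus stateless autoconfiguration produces: the advertised /64 followed by an interface ID built from the guest's MAC (modified EUI-64, RFC 4291). As an added example (not FredR's code), this Python sketch rebuilds such an address and recovers the MAC it discloses, a useful check on a segment where every guest is publicly addressed; the function names and the third sample address are constructed for illustration.

```python
import ipaddress

# Prefix and the first two addresses are taken from the comment above;
# the third address is constructed to show a non-EUI-64 interface ID.
PREFIX = ipaddress.IPv6Network("2001:470:e075:2200::/64")
SAMPLE = [
    "2001:470:e075:2200:216:3eff:fe1e:eecb",
    "2001:470:e075:2200:d0ae:93ff:fe26:8415",
    "2001:470:e075:2200::1",
]

def slaac_eui64(prefix, mac):
    """Address a host derives from an advertised /64 and its own MAC."""
    if prefix.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix")
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("MAC must be 6 bytes")
    # Flip the universal/local bit and insert ff:fe in the middle.
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]
    return ipaddress.IPv6Address(
        int(prefix.network_address) | int.from_bytes(iid, "big"))

def mac_from_address(addr):
    """MAC embedded in an EUI-64 address, or None if the ID is not EUI-64."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None  # manually assigned or privacy-extension address
    b = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{x:02x}" for x in b)

def audit(addresses, prefix=PREFIX):
    """Report, per address, prefix membership and any MAC it exposes."""
    report = []
    for a in addresses:
        ip = ipaddress.IPv6Address(a)
        mac = mac_from_address(ip)
        report.append({
            "address": str(ip),
            "in_prefix": ip in prefix,
            "embedded_mac": mac,
            "locally_administered":
                None if mac is None else bool(int(mac[:2], 16) & 0x02),
        })
    return report

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

Addresses that report an embedded MAC stay the same wherever the guest connects, so they identify the interface as well as the host; guests that should not be reachable from outside need IPv6 filtering on the router, since the IPv4 NAT does not cover them.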

Simple Data Provider


As a Sr Network Engineer for an application data services company, I would _love_ to hack the internet from the ends inward. In fact, in theory, I guarantee I could build what you are looking for. I could build it in my head. But in reality, there are several hurdles to overcome.

Doc, you talk of home networking, but trust me, the typical consumer-grade networking equipment is pretty weak and limited. Networks are typically designed and built from the core out, with each piece of equipment having particular roles and responsibilities. From the core, out to the distribution level, then finally to the fringes of the access layer. Typically, access equipment could not handle the vast processing power necessary in the core.

Not saying that it couldn't be done, but an upgrade to end user and CPE equipment would be in order. Linux would take the same consumer hardware much, much further.

Another hurdle would be to keep the historical players out of the loop. Why do the telcos and cablecos have a duopoly? Well, whenever anyone needed a wire to their home, they were the only ones in the business of running those cables. Long distance, high bandwidth wireless (802.16 WiMAX perhaps) would be a better alternative, based on standards of course.

Another bad habit of ISPs is oversubscribing. Most companies are in business to make money, at any and all costs, to the point where I've seen some pretty crazy over-subscriptions. Your cable headend node probably serves upwards of 4000 people. Do you live in a highly populated area?

So at the CPE side, you want a powerful, wireless unit, with lots of diversity. With the ability to connect to many others, where the greater number of your neighbors would work in your favor instead of against it. That piece really needs the "bittorrent" effect. Think that can be done currently with ipv4? I don't think so.

Where are we going to get millions of IP addresses per end user? I'm sure IPv6 could fill that gap.

These are just some of my ideas. Instead of following the normal layers, from physical on up, I'm thinking more of the top down, solving issues with protocols first. It still needs some underlying infrastructure help to flesh out.

One of my dreams is to create a "data provider". A company whose sole purpose is to run data to your home. That's it. DNS? Email, web hosting? On your own. Supply only raw IP connectivity. The local water authority doesn't dictate how I use water in my home, so why is my ISP so involved in my data?

Just some thoughts.

-- FLR or flrichar is a superfan of Linux Journal, and goofs around in the LJ IRC Channel
