ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/doc/gvpe.protocol.7
(Generate patch)

Comparing gvpe/doc/gvpe.protocol.7 (file contents):
Revision 1.2 by pcg, Tue Mar 15 19:23:33 2005 UTC vs.
Revision 1.8 by pcg, Sun Aug 10 23:04:05 2008 UTC

1.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14 1.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
2.\" 2.\"
3.\" Standard preamble: 3.\" Standard preamble:
4.\" ======================================================================== 4.\" ========================================================================
5.de Sh \" Subsection heading 5.de Sh \" Subsection heading
6.br 6.br
23.ft R 23.ft R
24.fi 24.fi
25.. 25..
26.\" Set up some character translations and predefined strings. \*(-- will 26.\" Set up some character translations and predefined strings. \*(-- will
27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left 27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
28.\" double quote, and \*(R" will give a right double quote. | will give a 28.\" double quote, and \*(R" will give a right double quote. \*(C+ will
29.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to 29.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
30.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' 30.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
31.\" expand to `' in nroff, nothing in troff, for use with C<>. 31.\" nothing in troff, for use with C<>.
32.tr \(*W-|\(bv\*(Tr 32.tr \(*W-
33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
34.ie n \{\ 34.ie n \{\
35. ds -- \(*W- 35. ds -- \(*W-
36. ds PI pi 36. ds PI pi
37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
127.\} 127.\}
128.rm #[ #] #H #V #F C 128.rm #[ #] #H #V #F C
129.\" ======================================================================== 129.\" ========================================================================
130.\" 130.\"
131.IX Title "GVPE.PROTOCOL 7" 131.IX Title "GVPE.PROTOCOL 7"
132.TH GVPE.PROTOCOL 7 "2005-03-15" "1.8" "GNU Virtual Private Ethernet" 132.TH GVPE.PROTOCOL 7 "2008-08-10" "2.2" "GNU Virtual Private Ethernet"
133.SH "The GNU-VPE Protocols" 133.SH "The GNU-VPE Protocols"
134.IX Header "The GNU-VPE Protocols" 134.IX Header "The GNU-VPE Protocols"
135.SH "Overview" 135.SH "Overview"
136.IX Header "Overview" 136.IX Header "Overview"
137\&\s-1GVPE\s0 can make use of a number of protocols. One of them is the \s-1GNU\s0 \s-1VPE\s0 137\&\s-1GVPE\s0 can make use of a number of protocols. One of them is the \s-1GNU\s0 \s-1VPE\s0
139packets. This protocol is described in more detail the second part of this 139packets. This protocol is described in more detail the second part of this
140document. 140document.
141.PP 141.PP
142The first part of this document describes the transport protocols which 142The first part of this document describes the transport protocols which
143are used by \s-1GVPE\s0 to send it's data packets over the network. 143are used by \s-1GVPE\s0 to send it's data packets over the network.
144.SH "PART 1: Tansport protocols" 144.SH "PART 1: Transport protocols"
145.IX Header "PART 1: Tansport protocols" 145.IX Header "PART 1: Transport protocols"
146\&\s-1GVPE\s0 offers a wide range of transport protocols that can be used to
147interchange data between nodes. Protocols differ in their overhead, speed,
148reliability, and robustness.
149.PP
150The following sections describe each transport protocol in more
151detail. They are sorted by overhead/efficiency, the most efficient
152transport is listed first:
146.Sh "\s-1RAW\s0 \s-1IP\s0" 153.Sh "\s-1RAW\s0 \s-1IP\s0"
147.IX Subsection "RAW IP" 154.IX Subsection "RAW IP"
155This protocol is the best choice, performance\-wise, as the minimum
156overhead per packet is only 38 bytes.
157.PP
158It works by sending the \s-1VPN\s0 payload using raw ip frames (using the
159protocol set by \f(CW\*(C`ip\-proto\*(C'\fR).
160.PP
161Using raw ip frames has the drawback that many firewalls block \*(L"unknown\*(R"
162protocols, so this transport only works if you have full \s-1IP\s0 connectivity
163between nodes.
148.Sh "\s-1ICMP\s0" 164.Sh "\s-1ICMP\s0"
149.IX Subsection "ICMP" 165.IX Subsection "ICMP"
166This protocol offers very low overhead (minimum 42 bytes), and can
167sometimes tunnel through firewalls when other protocols can not.
168.PP
169It works by prepending an \s-1ICMP\s0 header with type \f(CW\*(C`icmp\-type\*(C'\fR and a code
170of \f(CW255\fR. The default \f(CW\*(C`icmp\-type\*(C'\fR is \f(CW\*(C`echo\-reply\*(C'\fR, so the resulting
171packets look like echo replies, which looks rather strange to network
172admins.
173.PP
174This transport should only be used if other transports (i.e. raw ip) are
175not available or undesirable (due to their overhead).
150.Sh "\s-1UDP\s0" 176.Sh "\s-1UDP\s0"
151.IX Subsection "UDP" 177.IX Subsection "UDP"
178This is a good general choice for the transport protocol as \s-1UDP\s0 packets
179tunnel well through most firewalls and routers, and the overhead per
180packet is moderate (minimum 58 bytes).
181.PP
182It should be used if \s-1RAW\s0 \s-1IP\s0 is not available.
152.Sh "\s-1TCP\s0" 183.Sh "\s-1TCP\s0"
153.IX Subsection "TCP" 184.IX Subsection "TCP"
185This protocol is a very bad choice, as it not only has high overhead (more
186than 60 bytes), but the transport also retries on it's own, which leads
187to congestion when the link has moderate packet loss (as both the \s-1TCP\s0
188transport and the tunneled traffic will retry, increasing congestion more
189and more). It also has high latency and is quite inefficient.
190.PP
191It's only useful when tunneling through firewalls that block better
192protocols. If a node doesn't have direct internet access but a \s-1HTTP\s0 proxy
193that supports the \s-1CONNECT\s0 method it can be used to tunnel through a web
194proxy. For this to work, the \f(CW\*(C`tcp\-port\*(C'\fR should be \f(CW443\fR (\f(CW\*(C`https\*(C'\fR), as
195most proxies do not allow connections to other ports.
196.PP
197It is an abuse of the usage a proxy was designed for, so make sure you are
198allowed to use it for \s-1GVPE\s0.
199.PP
200This protocol also has server and client sides. If the \f(CW\*(C`tcp\-port\*(C'\fR is
201set to zero, other nodes cannot connect to this node directly. If the
202\&\f(CW\*(C`tcp\-port\*(C'\fR is non\-zero, the node can act both as a client as well as a
203server.
154.Sh "\s-1DNS\s0" 204.Sh "\s-1DNS\s0"
155.IX Subsection "DNS" 205.IX Subsection "DNS"
206\&\fB\s-1WARNING:\s0\fR Parsing and generating \s-1DNS\s0 packets is rather tricky. The code
207almost certainly contains buffer overflows and other, likely exploitable,
208bugs. You have been warned.
209.PP
210This is the worst choice of transport protocol with respect to overhead
211(overhead can be 2\-3 times higher than the transferred data), and latency
212(which can be many seconds). Some \s-1DNS\s0 servers might not be prepared to
213handle the traffic and drop or corrupt packets. The client also has to
214constantly poll the server for data, so the client will constantly create
215traffic even if it doesn't need to transport packets.
216.PP
217In addition, the same problems as the \s-1TCP\s0 transport also plague this
218protocol.
219.PP
220It's only use is to tunnel through firewalls that do not allow direct
221internet access. Similar to using a \s-1HTTP\s0 proxy (as the \s-1TCP\s0 transport
222does), it uses a local \s-1DNS\s0 server/forwarder (given by the \f(CW\*(C`dns\-forw\-host\*(C'\fR
223configuration value) as a proxy to send and receive data as a client,
224and an \f(CW\*(C`NS\*(C'\fR record pointing to the \s-1GVPE\s0 server (as given by the
225\&\f(CW\*(C`dns\-hostname\*(C'\fR directive).
226.PP
227The only good side of this protocol is that it can tunnel through most
228firewalls mostly undetected, iff the local \s-1DNS\s0 server/forwarder is sane
229(which is true for most routers, \s-1WLAN\s0 gateways and nameservers).
230.PP
231Finetuning needs to be done by editing \f(CW\*(C`src/vpn_dns.C\*(C'\fR directly.
156.SH "PART 2: The GNU VPE protocol" 232.SH "PART 2: The GNU VPE protocol"
157.IX Header "PART 2: The GNU VPE protocol" 233.IX Header "PART 2: The GNU VPE protocol"
158This section, unfortunately, is not yet finished, although the protocol 234This section, unfortunately, is not yet finished, although the protocol
159is stable (until bugs in the cryptography are found, which will likely 235is stable (until bugs in the cryptography are found, which will likely
160completely change the following description). Nevertheless, it should give 236completely change the following description). Nevertheless, it should give
164The exact layout and field lengths of a \s-1VPN\s0 packet is determined at 240The exact layout and field lengths of a \s-1VPN\s0 packet is determined at
165compiletime and doesn't change. The same structure is used for all 241compiletime and doesn't change. The same structure is used for all
166transort protocols, be it \s-1RAWIP\s0 or \s-1TCP\s0. 242transort protocols, be it \s-1RAWIP\s0 or \s-1TCP\s0.
167.PP 243.PP
168.Vb 3 244.Vb 3
169\& +------+------+--------+------+ 245\& +\-\-\-\-\-\-+\-\-\-\-\-\-+\-\-\-\-\-\-\-\-+\-\-\-\-\-\-+
170\& | HMAC | TYPE | SRCDST | DATA | 246\& | HMAC | TYPE | SRCDST | DATA |
171\& +------+------+--------+------+ 247\& +\-\-\-\-\-\-+\-\-\-\-\-\-+\-\-\-\-\-\-\-\-+\-\-\-\-\-\-+
172.Ve 248.Ve
173.PP 249.PP
174The \s-1HMAC\s0 field is present in all packets, even if not used (e.g. in auth 250The \s-1HMAC\s0 field is present in all packets, even if not used (e.g. in auth
175request packets), in which case it is set to all zeroes. The checksum 251request packets), in which case it is set to all zeroes. The checksum
176itself is calculated over the \s-1TYPE\s0, \s-1SRCDST\s0 and \s-1DATA\s0 fields in all cases. 252itself is calculated over the \s-1TYPE\s0, \s-1SRCDST\s0 and \s-1DATA\s0 fields in all cases.
178The \s-1TYPE\s0 field is a single byte and determines the purpose of the packet 254The \s-1TYPE\s0 field is a single byte and determines the purpose of the packet
179(e.g. \s-1RESET\s0, \s-1COMPRESSED/UNCOMPRESSED\s0 \s-1DATA\s0, \s-1PING\s0, \s-1AUTH\s0 \s-1REQUEST/RESPONSE\s0, 255(e.g. \s-1RESET\s0, \s-1COMPRESSED/UNCOMPRESSED\s0 \s-1DATA\s0, \s-1PING\s0, \s-1AUTH\s0 \s-1REQUEST/RESPONSE\s0,
180\&\s-1CONNECT\s0 \s-1REQUEST/INFO\s0 etc.). 256\&\s-1CONNECT\s0 \s-1REQUEST/INFO\s0 etc.).
181.PP 257.PP
182\&\s-1SRCDST\s0 is a three byte field which contains the source and destination 258\&\s-1SRCDST\s0 is a three byte field which contains the source and destination
183node ids (12 bits each). The protocol does not yet scale well beyond 30+ 259node IDs (12 bits each).
184hosts, since all hosts must connect to each other once on startup. But if
185restarts are rare or tolerable and most connections are on demand, much
186larger networks are feasible.
187.PP 260.PP
188The \s-1DATA\s0 portion differs between each packet type, naturally, and is the 261The \s-1DATA\s0 portion differs between each packet type, naturally, and is the
189only part that can be encrypted. Data packets contain more fields, as 262only part that can be encrypted. Data packets contain more fields, as
190shown: 263shown:
191.PP 264.PP
192.Vb 3 265.Vb 3
193\& +------+------+--------+------+-------+------+ 266\& +\-\-\-\-\-\-+\-\-\-\-\-\-+\-\-\-\-\-\-\-\-+\-\-\-\-\-\-+\-\-\-\-\-\-\-+\-\-\-\-\-\-+
194\& | HMAC | TYPE | SRCDST | RAND | SEQNO | DATA | 267\& | HMAC | TYPE | SRCDST | RAND | SEQNO | DATA |
195\& +------+------+--------+------+-------+------+ 268\& +\-\-\-\-\-\-+\-\-\-\-\-\-+\-\-\-\-\-\-\-\-+\-\-\-\-\-\-+\-\-\-\-\-\-\-+\-\-\-\-\-\-+
196.Ve 269.Ve
197.PP 270.PP
198\&\s-1RAND\s0 is a sequence of fully random bytes, used to increase the entropy of 271\&\s-1RAND\s0 is a sequence of fully random bytes, used to increase the entropy of
199the data for encryption purposes. 272the data for encryption purposes.
200.PP 273.PP
201\&\s-1SEQNO\s0 is a 32\-bit sequence number. It is negotiated at every connection 274\&\s-1SEQNO\s0 is a 32\-bit sequence number. It is negotiated at every connection
202initialization and starts at some random 31 bit value. \s-1VPE\s0 currently uses 275initialization and starts at some random 31 bit value. \s-1VPE\s0 currently uses
203a sliding window of 512 packets/sequence numbers to detect reordering, 276a sliding window of 512 packets/sequence numbers to detect reordering,
204duplication and reply attacks. 277duplication and replay attacks.
205.Sh "The authentification protocol" 278.Sh "The authentication protocol"
206.IX Subsection "The authentification protocol" 279.IX Subsection "The authentication protocol"
207Before hosts can exchange packets, they need to establish authenticity of 280Before hosts can exchange packets, they need to establish authenticity of
208the other side and a key. Every host has a private \s-1RSA\s0 key and the public 281the other side and a key. Every host has a private \s-1RSA\s0 key and the public
209\&\s-1RSA\s0 keys of all other hosts. 282\&\s-1RSA\s0 keys of all other hosts.
210.PP 283.PP
211A host establishes a simplex connection by sending the other host a 284A host establishes a simplex connection by sending the other host an
212\&\s-1RSA\s0 encrypted challenge containing a random challenge (consisting of 285\&\s-1RSA\s0 encrypted challenge containing a random challenge (consisting of
213the encryption key to use when sending packets, more random data and 286the encryption key to use when sending packets, more random data and
214\&\s-1PKCS1_OAEP\s0 padding) and a random 16 byte \*(L"challenge\-id\*(R" (used to detect 287\&\s-1PKCS1_OAEP\s0 padding) and a random 16 byte \*(L"challenge\-id\*(R" (used to detect
215duplicate auth packets). The destination host will respond by replying 288duplicate auth packets). The destination host will respond by replying
216with an (unencrypted) \s-1RIPEMD160\s0 hash of the decrypted challenge, which 289with an (unencrypted) \s-1RIPEMD160\s0 hash of the decrypted challenge, which
217will authentify that host. The destination host will also set the outgoing 290will authenticate that host. The destination host will also set the
218encryption parameters as given in the packet. 291outgoing encryption parameters as given in the packet.
219.PP 292.PP
220When the source host receives a correct auth reply (by verifying the 293When the source host receives a correct auth reply (by verifying the
221hash and the id, which will expire after 120 seconds), it will start to 294hash and the id, which will expire after 120 seconds), it will start to
222accept data packets from the destination host. 295accept data packets from the destination host.
223.PP 296.PP

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines