[p2p-hackers] Implement hole punching to across NAT (fwd)

David Barrett dbarrett at quinthar.com
Thu Aug 14 19:05:56 EDT 2008

Salman Abdul Baset wrote:
>> (Plus everyone needs to hit *some* server to find the bootstrap nodes
>> anyway... keeping them connected to it and not moving anything but
>> keepalive traffic and the occasionally connection setup, as David points
>> out, is cheap)
> The problem comes when media must be relayed through a central server. This 
> happens when nodes are behind restricted NATs. 

Bootstrapping, authentication, and rendezvous should be centralized, but 
I agree other layers -- including relaying -- are best left to peers.

The point is those p2p layers are far easier to build atop a solid 
centralized core than on top of more p2p.

> Also, I suspect that the 
> administrative costs and pains for managing 15-20 servers may overshadow any 
> per-month bandwidth costs for connectivity.

Are you suggesting that it's easier to manage a 10-million node DHT than 
15-20 centralized servers?  I think not.

If you have 15-20 servers, that means you have millions of active users 
and you are a massive success -- the centralized costs and 
administration headaches are utterly trivial by comparison.

Also, I should clarify -- the 100K users / $100/mo box ratio I tossed 
out is a rule of thumb because it's easy to remember and easy to 
achieve.  With some work you can find cheaper boxes ($50/mo) and get 
them to support even more connections 250K seems pretty easy.  Even 
1M/box seems achievable.

Never underestimate the power of appropriate centralization, or your 
competitors will beat you to the punch years early.

> Nodes need to connect to a central server to get their identity signed by a 
> central server. This must happen to prevent Sybil attacks. A bootstrap server 
> can be co-located with this authentication server.

That's one thing that's bothered me with a lot of discussions of P2P. 
At the end of the day, real-world p2p systems utterly depend on 
reliable, realtime access to centralized components.  Successful systems 
recognize and exploit this.

Usability, security, decentralization.  Pick any two.


More information about the p2p-hackers mailing list