4 See also this page @ref{Сценарии, on russian}.
7 * Occasional connection to mail server: UsecaseMail.
8 * Lightweight fast POP3/IMAP4 replacement: UsecasePOP.
9 * Unreliable/expensive communication link: UsecaseUnreliable.
10 * Slow/expensive link for high-volume data, bad QoS: UsecaseQoS.
11 * Extreme terrestrial environments, no link: UsecaseNoLink.
12 * One-way broadcasting communications: UsecaseBroadcast.
13 * Private, isolated MitM/Sybil-resistant networks: UsecaseF2F.
14 * Highly secure isolated air-gap computers: UsecaseAirgap.
15 * Network censorship bypassing, health: UsecaseCensor.
16 * Reconnaissance, spying, intelligence, covert agents: UsecaseSpy.
20 @section Occasional connection to mail server
22 Assume that you have got your own @url{http://www.postfix.org/, Postfix}
23 SMTP server connected to the Internet. But you read and write emails on
24 your notebook, that is connected to it just from time to time. How can
25 you flush buffered mail queues when your notebook is connected?
27 One possibility is to log in and run something like @command{postqueue
28 -f}, but by default you have got only several days so and sender will
29 receive notification emails that his messages still are not delivered
30 yet. Also you must have secure link (SSH, VPN, etc).
32 Another possibility is to use POP3/IMAP4 servers, but this is too
33 overcomplicated and bloated for the simple task. Not an option.
34 @url{https://en.wikipedia.org/wiki/KISS_principle, KISS}!
36 Just tell both of your Postfixes (on the server and notebook) to drop
37 email as a mail via NNCP (@ref{nncp-exec}) to specified node. This is
38 done similarly as with UUCP and as written in
39 @url{http://www.postfix.org/UUCP_README.html, Postfix documentation}.
41 Look @ref{Postfix, here} for further information. All mail will be
42 stored in NNCP @ref{Spool, spool}, that after exchanging and tossing
43 will call local @command{sendmail} command to deliver them just like
44 that happened on the same machine.
47 @section Lightweight fast POP3/IMAP4 replacement
49 @ref{nncp-daemon} can be connected with @ref{nncp-caller} for a long
50 time -- it can create TCP connection that lasts for many hours. When
51 SMTP server receives mail, it will call @ref{nncp-exec} creating an
52 outbound encrypted packet. Daemon checks outbound directory each second
53 and immediately sends notification about undelivered packets to remote
54 side, that also downloads it at once.
56 There are only dozens of bytes notifying about incoming packets, dozens
57 of bytes telling to download those packets. Mail packets are compressed
58 (POP3 and IMAP4 as a rule do not). You have lightweight, compressed,
59 low-delay, reliable link for the mail with strong encryption and mutual
62 @node UsecaseUnreliable
63 @section Unreliable/expensive communication link
65 Assume that you have got slow modem/radio/cellular link that frequently
66 disconnects and causes TCP timeouts. Not all HTTP servers support file
67 download continuation. SMTP does not support resuming at all and heavy
68 messages is problematic to retrieve. Moreover, each disconnect leads to
69 the same data retransmission again, that can not be afforded sometimes.
71 Just send your @ref{nncp-exec, mail} and @ref{nncp-file, files} through
72 NNCP. You can use either offline delivery methods -- read about them in
73 the next section, or you can use included NNCP @ref{nncp-daemon, TCP
79 % nncp-file file_i_want_to_send bob:
80 % nncp-file another_file bob:movie.avi
83 will queue two files for sending to @emph{bob} node. Fire and forget!
84 Now this is daemon's job (or offline transfer) to send this files part
85 by part to remote system when it is available.
88 @section Slow/expensive link for high-volume data, bad QoS
90 Assume that you can give your relatively cheap 2 TiB removable hard
91 drive to someone each day at the morning (and take it back at the
92 evening). This equals to 185 Mbps good quality (without any speed
93 degradation) link in single direction. What about more and bigger hard
94 drives? This type of data exchange is called
95 @url{https://en.wikipedia.org/wiki/Sneakernet, sneakernet}/floppynet.
97 NNCP allows traffic @ref{Niceness, prioritizing}: each packet has
98 niceness level, that will guarantee that it will be processed earlier or
99 later than the other ones. Nearly all commands has corresponding option:
102 % nncp-file -nice FLASH myfile node:dst
103 % nncp-xfer -nice PRIORITY /mnt/shared
104 % nncp-call -nice NORMAL bob
108 Huge files could be split on smaller @ref{Chunked, chunks}, giving
109 possibility to transfer virtually any volumes using small capacity
112 You can also use CD-ROM and tape drives:
115 % nncp-bundle -tx bob | cdrecord -tao -
116 % nncp-bundle -tx bob | dd of=/dev/sa0 bs=10240
120 @section Extreme terrestrial environments, no link
122 This is some kind of too slow link. Offline delivery methods is the only
123 choice. Just send files as shown in previous section, but use removable
124 media for transferring packets to other nodes.
126 Assume that you send two files to @emph{bob} node. Insert USB storage
127 device (SD is preferable!), mount it and run @ref{nncp-xfer}:
130 % nncp-xfer -node bob /media/usbstick
133 to copy all outbound packets related to @emph{bob}. Use @option{-mkdir}
134 option to create related directory on USB/SD storage if they are missing
135 (for example when running for the first time).
137 If you use single storage device to transfer data both to @emph{bob} and
138 @emph{alice}, then just omit @option{-node} option to copy all available
142 % nncp-xfer /media/usbstick
145 Unmount it and transfer storage to Bob and Alice. When they will insert
146 it in their computers, they will use exactly the same command:
149 % nncp-xfer /media/usbstick
152 to find all packets related to their node and copy them locally for
153 further processing. @command{nncp-xfer} is the only command used with
156 @node UsecaseBroadcast
157 @section One-way broadcasting communications
159 Sometimes you have got high-bandwidth but unidirectional link, for
160 example, satellite's broadcasting signal. You are not able to use online
161 @ref{Sync, synchronization protocol} because it requires mutual interaction.
163 You can use @ref{Bundles, bundles} and stream them above. They are just
164 a sequence of @ref{Encrypted, encrypted packets} you can catch on.
167 % nncp-bundle -tx alice bob eve ... | command to send broadcast
168 % command to receive broadcast | nncp-bundle -rx
171 With built-in packet duplicates detection ability, you can retransmit
172 your broadcasts from time to time, to increase chances the recipient
173 will catch them by regular stream listening.
176 @section Private, isolated MitM/Sybil-resistant networks
178 All Internet connections can be eavesdropped and forged. You
179 @strong{have to} to use encryption and authentication for securing them.
180 But it is very hard to secure metadata, that leaks during each online
181 session. When you start your shiny new software server be sure that
182 there could be huge quantity of bogus peers trying to perform
183 @url{https://en.wikipedia.org/wiki/Sybil_attack, Sybil attack}. Opennet
184 peer-to-peer networking is dangerous thing to do.
186 The most popular cryptographic protocol in Internet is
187 @url{https://en.wikipedia.org/wiki/Transport_Layer_Security, TLS} that
188 is very hard to implement correctly and hard to configure for mutual
189 participants authentication. Not all TLS configurations and related
190 protocols provide @url{https://en.wikipedia.org/wiki/Forward_secrecy,
191 forward secrecy} property -- all previously intercepted packets could be
192 read if private keys are compromised.
194 Friend-to-friend networks, darknets can mitigate risks related to fake
195 and forged nodes. However they are harder to support and require more
196 time to be done right.
198 NNCP's @ref{nncp-daemon, TCP daemon} uses
199 @url{http://noiseprotocol.org/, Noise-IK} protocol to mutually
200 authenticate peers and provide effective (both participants send payload
201 in the very first packet) secure transport with forward secrecy
205 % nncp-daemon -bind [::]:5400
207 will start TCP daemon listening on all interfaces for incoming
213 will try to connect to @emph{bob}'s node known TCP addresses (taken from
214 configuration file) and send all related outbound packets and retrieve
215 those the Bob has. All interrupted transfers will be automatically
219 @section Highly secure isolated air-gap computers
221 If you worry much about security, then air-gapped computer could be the
222 only choice you can afford. Computer without any modems, wired and
223 wireless networks. Obviously the only possibility to exchange mail and
224 files is to use physically removable storage devices like CD-ROM, hard
225 drive, SD, tape and USB flash drives (@strong{worst} choice, due to
226 those devices complexity).
228 Presumably you have got another own hop before that computer: another
229 intermediate node which performs basic verification of retrieved storage
230 devices, possibly by rewriting the data from USB/hard drives to CD-RWs.
232 NNCP supports packets relying (transitioning) out-of-box.
239 lan: [fe80::5400%igb0]:5400
245 That @ref{Configuration, configuration file} tells that we have got two
246 known neighbours: @emph{bob} and @emph{bob-airgap}. @emph{bob} can be
247 reached via online connection using @emph{lan} address.
248 @emph{bob-airgap} can be reached by sending intermediate relay packet
249 through the @emph{bob}.
251 Any command like @command{nncp-file myfile bob-airgap:} will
252 automatically create an encapsulated packet: one for the destination
253 endpoint, and other carrying it for intermediate relaying node.
255 Pay attention that relaying node knows nothing about the packet inside,
256 but just its size and priority. Transition packets are encrypted too:
257 using well-known @url{https://en.wikipedia.org/wiki/Onion_routing, onion
258 routing} technology. @emph{bob} can not read @emph{bob-airgap}'s packets.
261 @section Network censorship bypassing, health
263 This is some kind of bad link too. Some governments tend to forbid
264 @strong{any} kind of private communication between people, allowing only
265 entertainment content delivering and popular social networks access
266 (that are already bloated with advertisements, locally executed
267 @url{https://www.gnu.org/philosophy/free-sw.html, proprietary}
268 JavaScript code (for spying on user activities, collect data on them),
269 shamelessly exploiting the very basic human need of communication).
271 This is their natural wish. But nobody forces you to obey huge
272 corporations like Apple, Google or Microsoft. It is your choice to
273 create an isolated friend-to-friend network with piles of harmless
274 content and private messaging. Only predators silently watch for their
275 victims in mammals world -- it harms your health being watched and
276 feeling that you are the victim that has already done something wrong.
279 @section Reconnaissance, spying, intelligence, covert agents
281 Those guys know how Internet is a dangerous place incompatible with
282 privacy. They require quick, fast dropping and picking of data. No
283 possibility of many round-trips -- just drop the data, fire-and-forget.
284 It could be either removable media again and/or
285 @url{https://en.wikipedia.org/wiki/USB_dead_drop, USB dead drops},
286 @url{https://en.wikipedia.org/wiki/PirateBox, PirateBox}es,
287 @url{https://en.wikipedia.org/wiki/Short-range_agent_communications, SRAC}.
288 Short lived short range networks like Bluetooth and WiFi can also
289 be pretty fast, allowing to quickly fire chunks of queued packets.
291 Very important property is that compromising of those dead drops and
292 storages must be neither fatal nor even dangerous. Packets sent through
293 the network and exchanged via those devices are end-to-end
294 @ref{Encrypted, encrypted} (but unfortunately lacking forward secrecy).
295 No filenames, mail recipients are seen.
297 All node communications are done with so-called @ref{Spool, spool} area:
298 directory containing only those unprocessed encrypted packets. After
299 packet transfer you still can not read any of them: you have to run
300 another stage: @ref{nncp-toss, tossing}, that involves your private
301 cryptographic keys. So even if your loose your computer, storage devices
302 and so on -- it is not so bad, because you are not carrying private keys
303 with it (don't you?), you do not "toss" those packets immediately on the
304 same device. Tossing (reading those encrypted packets and extracting
305 transferred files and mail messages) could and should be done on a
306 separate computer (@ref{nncp-cfgmin} command could help creating
307 configuration file without private keys for that purpose).