X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fusecases.texi;h=0a42c8a4948ecd04eb01056cce02edf22620fd58;hb=a82862691446b52ed8deb7249b437be696c2030f;hp=ca67426d7115abdd04aa4ad56669e9c92d4eb577;hpb=c9e86aabaa2b05b13251015de97505286f536dfc;p=nncp.git diff --git a/doc/usecases.texi b/doc/usecases.texi index ca67426..0a42c8a 100644 --- a/doc/usecases.texi +++ b/doc/usecases.texi @@ -10,19 +10,22 @@ See also this page @ref{Сценарии, on russian}. * Slow/expensive link for high-volume data, bad QoS: UsecaseQoS. * Extreme terrestrial environments, no link: UsecaseNoLink. * One-way broadcasting communications: UsecaseBroadcast. +* Satellite links: UsecaseSatelliteLinks. * Private, isolated MitM/Sybil-resistant networks: UsecaseF2F. * Highly secure isolated air-gap computers: UsecaseAirgap. * Network censorship bypassing, health: UsecaseCensor. * Reconnaissance, spying, intelligence, covert agents: UsecaseSpy. +* Cheap night transfers: UsecaseCaller. @end menu @node UsecaseMail @section Occasional connection to mail server -Assume that you have got your own @url{http://www.postfix.org/, Postfix} -SMTP server connected to the Internet. But you read and write emails on -your notebook, that is connected to it just from time to time. How can -you flush buffered mail queues when your notebook is connected? +Assume that you have got your own @url{http://www.postfix.org/, +Postfix}/@url{http://www.exim.org/, Exim} SMTP server connected to the +Internet. But you read and write emails on your notebook, that is +connected to it just from time to time. How can you flush buffered mail +queues when your notebook is connected? One possibility is to log in and run something like @command{postqueue -f}, but by default you have got only several days so and sender will 
@@ -33,15 +36,13 @@ Another possibility is to use POP3/IMAP4 servers, but this is too overcomplicated and bloated for the simple task. Not an option. @url{https://en.wikipedia.org/wiki/KISS_principle, KISS}! -Just tell both of your Postfixes (on the server and notebook) to drop -email as a mail via NNCP (@ref{nncp-exec}) to specified node. This is -done similarly as with UUCP and as written in -@url{http://www.postfix.org/UUCP_README.html, Postfix documentation}. +Just tell both of your Postfix/Exim (on the server and notebook) to drop +email as a mail via NNCP (@ref{nncp-exec}) to specified node. -Look @ref{Postfix, here} for further information. All mail will be -stored in NNCP @ref{Spool, spool}, that after exchanging and tossing -will call local @command{sendmail} command to deliver them just like -that happened on the same machine. +More information for Postfix is @ref{Postfix, here} and for Exim is +@ref{Exim, here}. All mail will be stored in NNCP @ref{Spool, spool}, +that after exchanging and tossing will call local @command{sendmail} +command to deliver them just like that happened on the same machine. @node UsecasePOP @section Lightweight fast POP3/IMAP4 replacement @@ -75,10 +76,10 @@ daemon}. The command: -@verbatim -% nncp-file file_i_want_to_send bob: -% nncp-file another_file bob:movie.avi -@end verbatim +@example +$ nncp-file file_i_want_to_send bob: +$ nncp-file another_file bob:movie.avi +@end example will queue two files for sending to @emph{bob} node. Fire and forget! Now this is daemon's job (or offline transfer) to send this files part 
@@ -98,12 +99,12 @@ NNCP allows traffic @ref{Niceness, prioritizing}: each packet has niceness level, that will guarantee that it will be processed earlier or later than the other ones. Nearly all commands has corresponding option: -@verbatim -% nncp-file -nice FLASH myfile node:dst -% nncp-xfer -nice PRIORITY /mnt/shared -% nncp-call -nice NORMAL bob +@example +$ nncp-file -nice FLASH myfile node:dst +$ nncp-xfer -nice PRIORITY /mnt/shared +$ nncp-call -nice NORMAL bob [...] -@end verbatim +@end example Huge files could be split on smaller @ref{Chunked, chunks}, giving possibility to transfer virtually any volumes using small capacity @@ -111,10 +112,10 @@ storages. You can also use CD-ROM and tape drives: -@verbatim -% nncp-bundle -tx bob | cdrecord -tao - -% nncp-bundle -tx bob | dd of=/dev/sa0 bs=10240 -@end verbatim +@example +$ nncp-bundle -tx bob | cdrecord -tao - +$ nncp-bundle -tx bob | dd of=/dev/sa0 bs=10240 +@end example @node UsecaseNoLink @section Extreme terrestrial environments, no link @@ -126,9 +127,9 @@ media for transferring packets to other nodes. Assume that you send two files to @emph{bob} node. Insert USB storage device (SD is preferable!), mount it and run @ref{nncp-xfer}: -@verbatim -% nncp-xfer -node bob /media/usbstick -@end verbatim +@example +$ nncp-xfer -node bob /media/usbstick +@end example to copy all outbound packets related to @emph{bob}. Use @option{-mkdir} option to create related directory on USB/SD storage if they are missing 
@@ -138,16 +139,16 @@ If you use single storage device to transfer data both to @emph{bob} and @emph{alice}, then just omit @option{-node} option to copy all available outgoing packets. -@verbatim -% nncp-xfer /media/usbstick -@end verbatim +@example +$ nncp-xfer /media/usbstick +@end example Unmount it and transfer storage to Bob and Alice. When they will insert it in their computers, they will use exactly the same command: -@verbatim -% nncp-xfer /media/usbstick -@end verbatim +@example +$ nncp-xfer /media/usbstick +@end example to find all packets related to their node and copy them locally for further processing. @command{nncp-xfer} is the only command used with 
@@ -163,15 +164,41 @@ example, satellite's broadcasting signal. You are not able to use online You can use @ref{Bundles, bundles} and stream them above. They are just a sequence of @ref{Encrypted, encrypted packets} you can catch on. -@verbatim -% nncp-bundle -tx alice bob eve ... | command to send broadcast -% command to receive broadcast | nncp-bundle -rx -@end verbatim +@example +$ nncp-bundle -tx alice bob eve ... | command to send broadcast +$ command to receive broadcast | nncp-bundle -rx +@end example With built-in packet duplicates detection ability, you can retransmit your broadcasts from time to time, to increase chances the recipient will catch them by regular stream listening. +@node UsecaseSatelliteLinks +@section Satellite links + +Satellite links have @strong{very} high delays together with high +bandwidths. You can send several megabits of data per second, but they +will reach the remote side only after half a second! +Most file sharing protocols like +@url{https://en.wikipedia.org/wiki/Files_transferred_over_shell_protocol, FISH}, +@url{https://en.wikipedia.org/wiki/FTP, FTP}, +@url{https://en.wikipedia.org/wiki/Secure_copy, scp}, +@url{https://en.wikipedia.org/wiki/XMODEM, XMODEM} +will perform very badly because of round-trips quantity. Each file +transmission explicitly generates request and acknowledgement packets +that are send over the link. Remote side won't do anything until it +receives them. Moreover not all protocols allow duplex data +transmission (when both sides are sending data simultaneously). + +NNCP's @ref{Sync, synchronization protocol} (SP) tries to mitigate all +that issues by reducing number of round-trips, number of packets passing +through. All file lists, file download requests are grouped together +(pipelined) in one huge packet. Only transmission halt and successful +file download acknowledgements are sent explicitly. SP could be asked +only either to upload or download packets for our node. 
SP could ignore +files with low priority. Full files listing is passing even during the +handshake procedure. + @node UsecaseF2F @section Private, isolated MitM/Sybil-resistant networks @@ -201,15 +228,17 @@ authenticate peers and provide effective (both participants send payload in the very first packet) secure transport with forward secrecy property. -@verbatim -% nncp-daemon -bind [::]:5400 -@end verbatim +@example +$ nncp-daemon -bind "[::]":5400 +@end example + will start TCP daemon listening on all interfaces for incoming connections. -@verbatim -% nncp-call bob -@end verbatim +@example +$ nncp-call bob +@end example + will try to connect to @emph{bob}'s node known TCP addresses (taken from configuration file) and send all related outbound packets and retrieve those the Bob has. All interrupted transfers will be automatically @@ -232,14 +261,18 @@ devices, possibly by rewriting the data from USB/hard drives to CD-RWs. NNCP supports packets relying (transitioning) out-of-box. @verbatim -neigh: - bob: +neigh: { + bob: { [...] - addrs: - lan: [fe80::5400%igb0]:5400 + addrs: { + lan: "[fe80::5400%igb0]:5400" + } + } bob-airgap: [...] - via: [bob] + via: ["bob"] + } +} @end verbatim That @ref{Configuration, configuration file} tells that we have got two 
@@ -305,3 +338,54 @@ same device. Tossing (reading those encrypted packets and extracting transferred files and mail messages) could and should be done on a separate computer (@ref{nncp-cfgmin} command could help creating configuration file without private keys for that purpose). + +If you really want to carry your private keys, then @ref{nncp-cfgenc} +command will be able to encrypt your configuration file. Passphrase you +enter is strengthened with both CPU and memory hard function. + +@node UsecaseCaller +@section Cheap night transfers + +Your Internet/telephone traffic price can vary, depending on daytime. +Night calls/connections could be twice as cheaper. You wish to send your +files at that time, but keep high priority email infrequently passing +through in anytime. Also you wish to pass any kind of traffic when the +node is available through the LAN. + +You can easily set your preferences in @ref{Call, call +configurations} for @ref{nncp-caller} command used in online +communications. + +@verbatim +neigh: { + [...] + some-node: { + [...] + addrs: { + lan: "[fe80::be5f:f4ff:fedd:2752%igb0]:5400" + wan: "some-node.com:5400" + } + calls: [ + { + cron: "*/1 * * * *" + addr: lan + nice: MAX + onlinedeadline: 3600 + }, + { + cron: "*/10 * * * *" + addr: wan + nice: PRIORITY + xx: rx + }, + { + cron: "*/1 0-7 * * *" + addr: wan + nice: BULK + onlinedeadline: 3600 + maxonlinetime: 3600 + }, + ] + } +} +@end verbatim
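Review bot: in the UsecaseMail hunk (@@ -10,19 +10,22 @@) the intro now names Postfix/Exim, but the unchanged sentence that follows still offers only `@command{postqueue -f}` for a manual flush, and that is a Postfix command. Either add the Exim counterpart beside it or word that sentence as Postfix-specific, so a reader running Exim is not handed a command they do not have.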
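Review bot: in the @@ -33,15 +36,13 @@ hunk, `@ref{Exim, here}` requires an `Exim` node, and nothing in this diff of doc/usecases.texi adds one; please confirm that node is introduced elsewhere in the same commit, otherwise the cross-reference will not resolve. On wording, "tell both of your Postfix/Exim" is ungrammatical; "tell both of your mail servers" would read cleanly and still cover either MTA.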
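Review bot: the new UsecaseSatelliteLinks section (@@ -163,15 +164,41 @@) has several wording slips worth fixing before merge: "that are send over the link" should be "that are sent", "mitigate all that issues" should be "all those issues", and "because of round-trips quantity" reads better as "because of the number of round-trips". The sentence "SP could be asked only either to upload or download packets for our node" is also ambiguous; something like "SP can be asked to only upload or only download packets" states the option directly.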
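Review bot: in the @@ -201,15 +228,17 @@ hunk, `nncp-daemon -bind "[::]":5400` quotes only the bracketed part of the address, which works in a shell but looks like a typo. Quoting the whole argument as `"[::]:5400"` is clearer and matches the form used for `lan: "[fe80::5400%igb0]:5400"` in the configuration example later in this patch.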
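Review bot: the converted configuration in the @@ -232,14 +261,18 @@ hunk has unbalanced braces. `bob-airgap:` is left as an unchanged context line with no opening `{`, yet a closing `}` is added after `via: ["bob"]`, so the example as shown closes one block more than it opens. Change that line to `bob-airgap: {` so the sample matches the new syntax used for `neigh: {` and `bob: {`.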
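Review bot: in the UsecaseCaller section added by the last hunk (@@ -305,3 +338,54 @@), the `calls` example is never tied back to the three goals in the prose, and the keys `xx: rx`, `onlinedeadline` and `maxonlinetime` appear without explanation. A short sentence per entry after the example (LAN at any niceness, WAN for PRIORITY traffic every ten minutes, WAN for BULK traffic during hours 0-7) would make the mapping explicit, and `xx: rx` in particular needs a word on what it restricts, since the stated goal is for high priority email to keep passing at any time. Minor: "twice as cheaper" should be "twice as cheap", and "Passphrase you enter is strengthened with both CPU and memory hard function" would be clearer as "a function that is both CPU-hard and memory-hard".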