mirror of
https://github.com/cwinfo/yggdrasil-network.github.io.git
synced 2025-02-28 21:01:33 +00:00
Updates
This commit is contained in:
parent
2965b570eb
commit
51ebd5195d
28
about.md
28
about.md
@ -4,11 +4,9 @@ sitemap: true
|
|||||||
|
|
||||||
# About
|
# About
|
||||||
|
|
||||||
Yggdrasil is an experimental implementation of a new routing scheme designed for mesh or even Internet-like networks. The current implementation is built as an overlay network, where network nodes are userspace software routers, connected together using virtual peerings over local area networks, point-to-point links or the Internet.
|
Yggdrasil is an experimental implementation of a new compact routing scheme designed for mesh or even Internet-like networks. It is predominanently a shortest-path scheme, whereby the network will attempt to find the most direct path to the destination.
|
||||||
|
|
||||||
Compared to the structured and typically hierarchial routing schemes in use today on many networks, Yggdrasil is strongly decentralised and largely self-arranging. Each node on the network is identified by a cryptographic public key and IPv6 addresses are generated from this key. The network topology is adaptive, aiming to make use of whichever links are available in order to provide full routability between all network participants. This is made possible by the fact that all Yggdrasil nodes are routers, sharing routing knowledge and forwarding traffic on behalf of other network participants.
|
Compared to the structured and typically hierarchial routing schemes in use today on many networks, Yggdrasil is strongly decentralised and largely self-arranging. Each node on the network is identified by a cryptographic public key and, in our current experimental implementation, IPv6 addresses are generated from this key. The network topology is adaptive, aiming to make use of whichever links are available in order to provide full routability between all network participants. This is made possible by the fact that all Yggdrasil nodes are routers, sharing routing knowledge and forwarding traffic on behalf of other network participants.
|
||||||
|
|
||||||
In order to ensure that traffic is private as it is routed across other network nodes, all traffic is end-to-end encrypted at all times. Even plain-text application traffic is encrypted in transit, ensuring that intermediate nodes cannot read traffic as it is forwarded through the network.
|
|
||||||
|
|
||||||
The following table illustrates high-level differences between traditional networks like the Internet, and the Yggdrasil Network:
|
The following table illustrates high-level differences between traditional networks like the Internet, and the Yggdrasil Network:
|
||||||
|
|
||||||
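Review bot: The sentence added to the first paragraph misspells "predominantly" as "predominanently". The second paragraph is also rewritten here and still carries "hierarchial", which should be "hierarchical", so both can be fixed in the same pass. This hunk also removes the end-to-end encryption paragraph from the introduction. If that text is being moved rather than dropped, say so in the commit message, since "Updates" does not let a reader tell a relocation from a removal of a security statement.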
@ -21,6 +19,21 @@ The following table illustrates high-level differences between traditional netwo
|
|||||||
| Mobile addressing that stays with the device as it moves around | No | Yes |
|
| Mobile addressing that stays with the device as it moves around | No | Yes |
|
||||||
| Topology extends gracefully across different mediums, i.e. mesh | No | Yes |
|
| Topology extends gracefully across different mediums, i.e. mesh | No | Yes |
|
||||||
|
|
||||||
|
### Implementation notes
|
||||||
|
|
||||||
|
The current implementation of Yggdrasil is built as an overlay network, where network nodes are userspace software routers that run under a single process on a host machine. Peering connections between these nodes are established over local area networks, point-to-point links or the Internet using mainly TCP connections. In order to ensure that traffic is private as it is routed across other network nodes, all traffic is end-to-end encrypted at all times. Even plain-text application traffic is encrypted in transit, ensuring that intermediate nodes cannot read traffic as it is forwarded through the network.
|
||||||
|
|
||||||
|
This allows us to test the Yggdrasil design at scale relatively easily, as the user-space router can easily run on most computers regardless of configuration or other external factors and users do not need to be physically close to one another in order to join or test the network. They can just download the software and establish some peerings over the Internet to get a feel for how the scheme should work.
|
||||||
|
|
||||||
|
This also means that we often attract comparisons with other overlay-by-design networks such as Tor, I2P, Lokinet and others, although we don't believe that such comparisons are especially useful. Not least because many other overlay projects often have differing primary goals, i.e. providing anonymity, but because these projects were designed and built to always be overlays over other network infrastructure.
|
||||||
|
|
||||||
|
Instead, we see Yggdrasil as competing with, if not superseding, other routing schemes that are in widespread use today and experimenting with the routing scheme as an overlay network is merely a means to an end. We don't intend that Yggdrasil will only ever continue to exist as an overlay network, nor are we interested in spending too much time and effort trying to solve problems which would only be present on an overlay network. For this reason, there are some specific areas that we consider specifically **out of scope**:
|
||||||
|
|
||||||
|
1. **Peer discovery and exchange** — We are researching how to best provide good connectivity between nodes with the set of links that we have been given, not how to automatically establish new links as many other peer-to-peer networks do. We do this because we are trying to strictly limit the number of assumptions we make about the underlying physical topology.
|
||||||
|
1. **Insecure link metrics** — In order for Yggdrasil to work in a decentralised fashion, we need to be very careful about how much trust we place in other nodes to not lie to us in ways that could influence path selection or routing decisions. We do not consider link quality metrics that cannot be securely and independently verified.
|
||||||
|
1. **Anonymity or pseudonymity** — Yggdrasil is not an anonymous network. Any anonymity or pseudonymity that can be achieved over the Yggdrasil overlay network today is by coincidence and not by intention or design.
|
||||||
|
1. **Node naming and lookup** — We are interested in solving the problem of how to route between nodes effectively on complex topologies, not replacing DNS. Decentralised node naming can and should be solved by separate projects.
|
||||||
|
|
||||||
### What are the problems today?
|
### What are the problems today?
|
||||||
|
|
||||||
The internet as we know it today doesn't conform to a well-defined topology. This has largely happened over time - as the internet has grown, more and more networks have been "bolted together" with peering arrangements between service providers. The lack of defined topology gives us some unavoidable problems:
|
The internet as we know it today doesn't conform to a well-defined topology. This has largely happened over time - as the internet has grown, more and more networks have been "bolted together" with peering arrangements between service providers. The lack of defined topology gives us some unavoidable problems:
|
||||||
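Review bot: In the added "Implementation notes" section, the sentence starting "Not least because many other overlay projects often have differing primary goals" is a fragment, and its "Not least because ... but because" pairing does not parse. Joining it to the previous sentence as "not only because ... but also because" would read correctly. "i.e. providing anonymity" should probably be "e.g.", since anonymity is offered as one example of a differing goal, and "specific areas that we consider specifically" in the next paragraph repeats itself. The encryption statement added here is unqualified ("at all times"); a pointer to the FAQ's note that the codebase has not been externally audited would keep the two pages consistent.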
@ -29,13 +42,13 @@ The internet as we know it today doesn't conform to a well-defined topology. Thi
|
|||||||
1. There isn't really any way for a computer to know where it is located on the internet relative to anything else — most machines are only aware of a "default gateway"
|
1. There isn't really any way for a computer to know where it is located on the internet relative to anything else — most machines are only aware of a "default gateway"
|
||||||
1. It's difficult to examine where a packet will go on its journey from source to destination without actually sending it
|
1. It's difficult to examine where a packet will go on its journey from source to destination without actually sending it
|
||||||
|
|
||||||
These problems have been somewhat mitigated (but not really solved) through centralisation - rather than your computers at home holding a copy of the global routing table, your service provider does so on your behalf. Your computers and network devices are configured just to "send traffic upstream" and to let your provider decide where it goes from there. This leaves you entirely at the mercy of your ISP who can redirect your traffic anywhere they like and to inspect, manipulate or intercept it.
|
These problems have been somewhat mitigated (but not really solved) through centralisation - rather than your computers at home holding a copy of the global routing table, your service provider does so on your behalf. Your computers and network devices are configured just to "send traffic upstream" and to let your provider decide where it goes from there. This leaves you entirely at the mercy of your ISP who can redirect your traffic anywhere they like and to inspect, manipulate or intercept it.
|
||||||
|
|
||||||
ISP networks are also typically structured in design and often hierarchical in nature, and as a result, many existing routing protocols have been designed with this in mind. Some optimisations such as prefix aggregation are used to try and reduce the number of routing entries that a provider must send out into the world. These protocols are usually not suitable for use in a network where the topology is not well defined or changes frequently — a wireless mesh network, for example, therefore it has been very difficult in the past for communities to build their own wireless mesh infrastructure on an ad-hoc basis.
|
ISP networks are also typically structured in design and often hierarchical in nature, and as a result, many existing routing protocols have been designed with this in mind. Some optimisations such as prefix aggregation are used to try and reduce the number of routing entries that a provider must send out into the world. These protocols are usually not suitable for use in a network where the topology is not well defined or changes frequently — a wireless mesh network, for example, therefore it has been very difficult in the past for communities to build their own wireless mesh infrastructure on an ad-hoc basis.
|
||||||
|
|
||||||
### What does Yggdrasil do differently?
|
### What does Yggdrasil do differently?
|
||||||
|
|
||||||
Yggdrasil takes a very different approach to sharing routing knowledge. Rather than distributing address ranges as paths through centrally assigned autonomous systems, Yggdrasil instead builds up a single global network topology.
|
Yggdrasil takes a very different approach to sharing routing knowledge. Rather than distributing address ranges as paths through centrally assigned autonomous systems, Yggdrasil instead builds up a single global network topology.
|
||||||
|
|
||||||
A spanning tree is used to provide synchronisation and to allow nodes to allocate themselves a set of tree coordinates, which are used to exchange and establish bootstrap and path setup messages. Nodes then set up paths through the network to their keyspace neighbours, effectively arranging the network into a virtual line, ordered by public keys. Intermediate nodes then populate their routing tables with these paths, enabling nodes to forward packets closer to their destination public key.
|
A spanning tree is used to provide synchronisation and to allow nodes to allocate themselves a set of tree coordinates, which are used to exchange and establish bootstrap and path setup messages. Nodes then set up paths through the network to their keyspace neighbours, effectively arranging the network into a virtual line, ordered by public keys. Intermediate nodes then populate their routing tables with these paths, enabling nodes to forward packets closer to their destination public key.
|
||||||
|
|
||||||
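Review bot: Both sides of this hunk read identically as shown, so the change is presumably whitespace-only. Either mention that in the commit message or move whitespace clean-up into its own commit, so that the content changes elsewhere in about.md are easier to review.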
@ -65,4 +78,3 @@ The project is likely to reach a number of possible outcomes:
|
|||||||
1. The project may reach a reasonably stable state but never attract a large enough number of users
|
1. The project may reach a reasonably stable state but never attract a large enough number of users
|
||||||
1. The project may attract a large enough number of users but reveal inherent design flaws in the process (a learning exercise for a future project or protocol version perhaps)
|
1. The project may attract a large enough number of users but reveal inherent design flaws in the process (a learning exercise for a future project or protocol version perhaps)
|
||||||
1. The project may end up working perfectly even as the network grows, in which case it will become worthwhile to look at writing better-optimised implementations and/or moving the important parts into other projects
|
1. The project may end up working perfectly even as the network grows, in which case it will become worthwhile to look at writing better-optimised implementations and/or moving the important parts into other projects
|
||||||
|
|
||||||
|
27
faq.md
27
faq.md
@ -10,22 +10,30 @@ Yggdrasil was created in order to build a decentralised routing scheme for mesh
|
|||||||
|
|
||||||
### Is Yggdrasil safe?
|
### Is Yggdrasil safe?
|
||||||
|
|
||||||
All traffic sent across the Yggdrasil network is encrypted end-to-end. Assuming that our crypto is solid, it cannot be decrypted or read by any intermediate nodes, and can only be decrypted by the recipient for which it was intended. However, please note that Yggdrasil has not been officially externally audited.
|
All traffic sent across the Yggdrasil Network is encrypted end-to-end, such that it cannot be decrypted or read by any intermediate nodes, and can only be decrypted by the recipient for which it was intended.
|
||||||
|
|
||||||
|
However, it is still a public network, therefore you should take adequate precautions when using Yggdrasil, such as using a firewall and not exposing services you do not want others to be able to reach.
|
||||||
|
|
||||||
|
We also feel that it is important to highlight that, even though Yggdrasil is using industry-standard cryptography, our codebase has not been officially externally audited.
|
||||||
|
|
||||||
### Is Yggdrasil stable?
|
### Is Yggdrasil stable?
|
||||||
|
|
||||||
Yggdrasil is relatively stable and very rarely crashes, although our official stance is that it is still alpha software and comes with all of the usual warnings. You should expect things to not be wholly smooth in all cases and therefore you should probably not run any mission-critical or life-and-death workloads over Yggdrasil at this time. You should also make sure that you stay up-to-date as often as possible with the latest versions to ensure that your node continues to be compatible as we make protocol changes.
|
Yggdrasil is relatively stable and very rarely crashes, although our official stance is that it is still alpha software and comes with all of the usual warnings. You should expect things to not be wholly smooth in all cases and therefore you should probably not run any mission-critical or life-and-death workloads over Yggdrasil at this time.
|
||||||
|
|
||||||
|
You should also make sure that you stay up-to-date as often as possible with the latest versions to ensure that your node continues to be compatible as we make protocol changes.
|
||||||
|
|
||||||
### Is Yggdrasil anonymous?
|
### Is Yggdrasil anonymous?
|
||||||
|
|
||||||
No, it is not a goal of the Yggdrasil project to provide anonymity. Direct peers over the Internet will be able to see your IP address and may be able to use this information to determine your location or identity. Multicast-discovered peerings on the same network will typically expose your device MAC address. Other nodes on the network may be able to discern some information about which nodes you are peered with.
|
No, it is not a goal of the Yggdrasil project to provide anonymity. Direct peers over the Internet will be able to see your IP address and may be able to use this information to determine your location or identity. Multicast-discovered peerings on the same network will typically expose your device MAC address. Other nodes on the network may be able to discern some information about which nodes you are peered with.
|
||||||
|
|
||||||
### Will my machine be exposed to other users of the network?
|
### Will my machine be exposed to other users of the network?
|
||||||
|
|
||||||
Typically yes, you will be routable from other nodes on the network. If you want to restrict incoming connections to your machine, you should use an IPv6 firewall. The steps for this will vary from platform to platform.
|
Typically yes, you will be routable from other nodes on the network. If you want to restrict incoming connections to your machine, you should use an IPv6 firewall. The steps for this will vary from platform to platform.
|
||||||
|
|
||||||
#### Linux (with `ip6tables`)
|
#### Linux (with `ip6tables`)
|
||||||
|
|
||||||
Assuming your TUN/TAP adapter is named `tun0`:
|
Assuming your TUN/TAP adapter is named `tun0`:
|
||||||
|
|
||||||
```
|
```
|
||||||
ip6tables -A INPUT -i tun0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
|
ip6tables -A INPUT -i tun0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
|
||||||
ip6tables -A INPUT -i tun0 -m conntrack --ctstate INVALID -j DROP
|
ip6tables -A INPUT -i tun0 -m conntrack --ctstate INVALID -j DROP
|
||||||
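Review bot: The reworded "Is Yggdrasil safe?" answer drops the condition "Assuming that our crypto is solid" and now states flatly that traffic "cannot be decrypted or read by any intermediate nodes", while the unaudited caveat moves two paragraphs down behind "industry-standard cryptography". A reader who stops after the first paragraph gets a stronger guarantee than the project is claiming. Suggest keeping the condition in the first sentence, or placing the audit caveat directly after it, and replacing "industry-standard cryptography" with the actual primitives or a link to where they are documented. The added paragraph about using a firewall and not exposing services is a good addition; a link from it to the "Will my machine be exposed to other users of the network?" answer below would help.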
@ -33,16 +41,18 @@ ip6tables -A INPUT -i tun0 -j DROP
|
|||||||
```
|
```
|
||||||
|
|
||||||
#### Windows (with Windows Firewall)
|
#### Windows (with Windows Firewall)
|
||||||
|
|
||||||
Windows, by default, should classify the TAP adapter as a "Public Network". Configure Windows Firewall to prevent incoming connections on Public networks.
|
Windows, by default, should classify the TAP adapter as a "Public Network". Configure Windows Firewall to prevent incoming connections on Public networks.
|
||||||
|
|
||||||
#### macOS (with built-in firewall)
|
#### macOS (with built-in firewall)
|
||||||
|
|
||||||
macOS has an application firewall, therefore any firewall policies applied on other interfaces will also apply to the Yggdrasil interface.
|
macOS has an application firewall, therefore any firewall policies applied on other interfaces will also apply to the Yggdrasil interface.
|
||||||
|
|
||||||
### Can I run an Yggdrasil router without a TUN interface?
|
### Can I run an Yggdrasil router without a TUN interface?
|
||||||
|
|
||||||
Yes, you can set the `IfName` configuration setting to `"none"`. This will prevent Yggdrasil from creating a TUN interface.
|
Yes, you can set the `IfName` configuration setting to `"none"`. This will prevent Yggdrasil from creating a TUN interface.
|
||||||
|
|
||||||
You will be able to create and accept peering connections and will continue to route traffic on behalf of your peers, but you will not be reachable from within the Yggdrasil Network, nor will you be able to send traffic into the network either. In this mode, other users on the network will receive no response if they try to reach or ping your node addresses.
|
You will be able to create and accept peering connections and will continue to route traffic on behalf of your peers, but you will not be reachable from within the Yggdrasil Network, nor will you be able to send traffic into the network either. In this mode, other users on the network will receive no response if they try to reach or ping your node addresses.
|
||||||
|
|
||||||
### Does Yggdrasil require IPv6?
|
### Does Yggdrasil require IPv6?
|
||||||
|
|
||||||
@ -74,15 +84,16 @@ Stuck for peers? Try adding a [public peer](https://github.com/yggdrasil-network
|
|||||||
|
|
||||||
### Does Yggdrasil add or remove peerings automatically?
|
### Does Yggdrasil add or remove peerings automatically?
|
||||||
|
|
||||||
Peerings may be automatically established to nodes on the same subnet if multicast peering is enabled on both nodes, however, Yggdrasil will never add or remove remote peerings automatically over other networks like the Internet.
|
Peerings may be automatically established to nodes on the same subnet if multicast peering is enabled on both nodes, however, Yggdrasil will never add or remove remote peerings automatically over other networks like the Internet.
|
||||||
|
|
||||||
### I've installed the Yggdrasil Debian package and now I can't find the logs.
|
### I've installed the Yggdrasil Debian package and now I can't find the logs
|
||||||
|
|
||||||
The Debian package installs the Yggdrasil service into systemd, therefore you can query systemd for the logs:
|
The Debian package installs the Yggdrasil service into systemd, therefore you can query systemd for the logs:
|
||||||
|
|
||||||
- `systemctl status yggdrasil`
|
- `systemctl status yggdrasil`
|
||||||
- `journalctl -u yggdrasil`
|
- `journalctl -u yggdrasil`
|
||||||
|
|
||||||
### I've modified the configuration file but nothing has changed.
|
### I've modified the configuration file but nothing has changed
|
||||||
|
|
||||||
Yggdrasil only loads the configuration at startup. Restart the Yggdrasil process or service to load the new configuration. If you are troubleshooting peering connections, check the logging output and/or examine the output of `yggdrasilctl getPeers` to see if any peers are connected.
|
Yggdrasil only loads the configuration at startup. Restart the Yggdrasil process or service to load the new configuration. If you are troubleshooting peering connections, check the logging output and/or examine the output of `yggdrasilctl getPeers` to see if any peers are connected.
|
||||||
|
|
||||||
@ -122,4 +133,4 @@ Yggdrasil can peer over Tor or I2P. See [/public-peers/tree/master/other](https:
|
|||||||
|
|
||||||
No. At worst, the root node may be used in worst-case-scenario paths between
|
No. At worst, the root node may be used in worst-case-scenario paths between
|
||||||
other nodes in the absence of being able to determine better routes, but this
|
other nodes in the absence of being able to determine better routes, but this
|
||||||
is not advantageous.
|
is not advantageous.
|
||||||
|
4
index.md
4
index.md
@ -3,7 +3,7 @@ tags: dontlink
|
|||||||
sitemap: true
|
sitemap: true
|
||||||
---
|
---
|
||||||
|
|
||||||
Yggdrasil is an overlay network implementation of a new routing scheme for mesh networks. It is designed to be a future-proof decentralised alternative to the structured routing protocols commonly used today on the Internet and other networks.
|
Yggdrasil is an implementation of a new compact routing scheme for mesh networks. It is designed to be a future-proof decentralised alternative to the structured routing protocols commonly used today on the Internet and other networks.
|
||||||
|
|
||||||
The highlights of Yggdrasil are that it is:
|
The highlights of Yggdrasil are that it is:
|
||||||
|
|
||||||
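Review bot: Replacing "an overlay network implementation of a new routing scheme" with "an implementation of a new compact routing scheme" removes the only statement in this intro that the current software runs as an overlay. That matters to a reader who is deciding what the node exposes and what it depends on. Suggest keeping a short mention or linking to the implementation notes in about.md. "Compact routing" is also a term of art, so a link or a one-line definition at first use would help readers who do not know it.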
@ -57,5 +57,3 @@ This is still an alpha-stage project and there may be some breaking changes in t
|
|||||||
<p markdown='1'>Visit our [developers](developers.md) page and our [GitHub](https://github.com/yggdrasil-network/yggdrasil-go). Report bugs and problems to us as [GitHub Issues](https://github.com/yggdrasil-network/yggdrasil-go/issues).</p>
|
<p markdown='1'>Visit our [developers](developers.md) page and our [GitHub](https://github.com/yggdrasil-network/yggdrasil-go). Report bugs and problems to us as [GitHub Issues](https://github.com/yggdrasil-network/yggdrasil-go/issues).</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|