before claude motivation rewrite
This commit is contained in:
@@ -21,27 +21,49 @@ rather than systematic evaluation.
|
||||
This observation revealed a clear need for
|
||||
rigorous, evidence-based comparison of Peer-to-Peer overlay VPN implementations.
|
||||
|
||||
This chapter introduces the Clan project, articulates its fundamental
|
||||
objectives, outlines the key components, and examines the driving
|
||||
factors motivating its development.
|
||||
However, existing research on benchmarking peer-to-peer overlay networks
|
||||
remains sparse.
|
||||
One notable work from 2024, ``Full-mesh VPN performance evaluation
|
||||
for a secure edge-cloud continuum'' \cite{kjorveziroski_full-mesh_2024},
|
||||
benchmarks a subset of available overlay VPNs but focuses primarily
|
||||
on solutions with a central point of failure.
|
||||
In contrast, this thesis evaluates more widely adopted VPNs
|
||||
with an emphasis on fully decentralized architectures.
|
||||
Furthermore, that study relied exclusively on iperf3 for performance measurement,
|
||||
whereas our benchmark suite includes additional real-world workloads
|
||||
to better reflect practical usage patterns.
|
||||
|
||||
Peer-to-peer (P2P) technologies and decentralization have undergone
|
||||
significant growth and evolution in recent years. These technologies
|
||||
form the backbone of various systems, including P2P Edge
|
||||
Computing—particularly in the context of the Internet of Things
|
||||
(IoT)—Content Delivery Networks (CDNs), and Blockchain platforms such
|
||||
as Ethereum. P2P architectures enable more democratic,
|
||||
censorship-resistant, and fault-tolerant systems by reducing reliance
|
||||
on single points of failure \cite{shukla_towards_2021}.
|
||||
A further motivation for this work was to create a fully automated
|
||||
benchmarking framework capable of generating a public leaderboard,
|
||||
similar in spirit to the js-framework-benchmark
|
||||
(see Figure~\ref{fig:js-framework-benchmark}).
|
||||
By providing an accessible web interface with regularly updated results,
|
||||
we hope to encourage P2P VPN developers to optimize their implementations
|
||||
in pursuit of top rankings.
|
||||
|
||||
However, to fully realize these benefits, a P2P system must deploy
|
||||
its nodes across a diverse set of entities. Greater diversity in
|
||||
hosting increases the network’s resilience to censorship and systemic failures.
|
||||
\begin{figure}[H]
|
||||
\centering
|
||||
\includegraphics[width=1\textwidth]{Figures/krause-js-framework.png}
|
||||
\caption{js-framework-benchmark results for Chrome 144.0
|
||||
\cite{krause_krausestjs-framework-benchmark_2026}}
|
||||
\label{fig:js-framework-benchmark}
|
||||
\end{figure}
|
||||
|
||||
Despite this, recent trends in Ethereum node hosting reveal a
|
||||
significant reliance on centralized cloud providers. Notably, Amazon,
|
||||
Hetzner, and OVH collectively host 70\% of all Ethereum nodes, as
|
||||
illustrated in Figure \ref{fig:ethernodes_hosting}.
|
||||
\subsection{The Case for Decentralized Self-Hosting}
|
||||
|
||||
The need for reliable overlay VPNs extends beyond the Clan project.
|
||||
Peer-to-peer architectures underpin a wide range of modern systems---from
|
||||
IoT edge computing to content delivery networks and blockchain platforms
|
||||
like Ethereum---enabling censorship-resistant, fault-tolerant infrastructure
|
||||
by eliminating single points of failure \cite{shukla_towards_2021}.
|
||||
|
||||
However, realizing these benefits requires distributing nodes across
|
||||
diverse hosting entities.
|
||||
In practice, this diversity remains elusive:
|
||||
Amazon, Hetzner, and OVH collectively host 70\% of all Ethereum nodes
|
||||
(see Figure~\ref{fig:ethernodes_hosting}),
|
||||
concentrating nominally decentralized infrastructure within
|
||||
a handful of providers subject to common regulatory jurisdictions.
|
||||
|
||||
\begin{figure}[H]
|
||||
\centering
|
||||
@@ -51,73 +73,36 @@ illustrated in Figure \ref{fig:ethernodes_hosting}.
|
||||
\label{fig:ethernodes_hosting}
|
||||
\end{figure}
|
||||
|
||||
The centralized nature of these providers and their domicile within the
|
||||
same regulatory jurisdiction—the United States—introduces vulnerability.
|
||||
Such a configuration allows for possible governmental intervention,
|
||||
which could lead to network shutdowns or manipulation by leveraging
|
||||
control over these cloud services.
|
||||
|
||||
The reliance on cloud-based solutions is largely attributed to their
|
||||
ease of use and reliability, as self-hosting introduces several
|
||||
technical and operational challenges, which include:
|
||||
This centralization persists because self-hosting remains prohibitively complex.
|
||||
Key challenges include:
|
||||
|
||||
\begin{itemize}
|
||||
\item \textbf{NAT Traversal:} Establishing direct connections
|
||||
between peers located behind Network Address Translation (NAT)
|
||||
devices is complex and often requires workarounds such as port
|
||||
forwarding or relay servers.
|
||||
\item \textbf{Network Connectivity:}
|
||||
NAT traversal, dynamic IP addresses, and firewall configurations
|
||||
require technical workarounds such as port forwarding, relay servers,
|
||||
or Dynamic DNS services.
|
||||
|
||||
\item \textbf{Dynamic IP Addresses:} Peers often have non-static
|
||||
(dynamic) IP addresses assigned by Internet Service Providers
|
||||
(ISPs), which makes maintaining stable connections difficult
|
||||
without additional solutions like Dynamic DNS services.
|
||||
\item \textbf{Security:}
|
||||
Operators must secure data in transit, authenticate connections,
|
||||
and defend against attacks---responsibilities that cloud providers
|
||||
typically abstract away.
|
||||
|
||||
\item \textbf{Data Reliability:} Ensuring data durability and
|
||||
preventing loss due to hardware failures, system crashes, or
|
||||
insufficient backup mechanisms can be a challenge for individual
|
||||
users managing their own infrastructure.
|
||||
\item \textbf{Reliability:}
|
||||
Ensuring data durability, maintaining uptime during hardware failures
|
||||
or power outages, and handling peer churn in dynamic networks
|
||||
demand continuous attention.
|
||||
|
||||
\item \textbf{Security Concerns:} Self-hosted systems must be
|
||||
protected from malicious actors, including securing data in
|
||||
transit, authenticating connections, and mitigating attacks such
|
||||
as Distributed Denial of Service (DDoS).
|
||||
|
||||
\item \textbf{Maintenance Overhead:} Regular updates, hardware
|
||||
repairs, and troubleshooting require time and effort, which may
|
||||
discourage users unfamiliar with system administration.
|
||||
|
||||
\item \textbf{Steep Learning Curve:} Non-technical users face a
|
||||
high entry barrier, as hosting and configuring their own P2P
|
||||
nodes often involve understanding complex networking and software
|
||||
setup processes.
|
||||
|
||||
\item \textbf{High Network Churn:} In dynamic P2P environments
|
||||
where peers frequently join and leave, ensuring consistent
|
||||
availability of services and maintaining network stability
|
||||
present additional challenges.
|
||||
|
||||
\item \textbf{Uptime and Availability:} Keeping self-hosted systems
|
||||
online and operational 24/7 can be difficult, especially in
|
||||
situations of power outages, hardware failures, or limited
|
||||
internet connectivity.
|
||||
\item \textbf{Operational Overhead:}
|
||||
System administration tasks---updates, troubleshooting, configuration
|
||||
management---present a steep learning curve for non-technical users.
|
||||
\end{itemize}
|
||||
|
||||
Recognizing this gap, the Clan project aims to address these
|
||||
challenges by simplifying the process of self-hosting, making it as
|
||||
straightforward, accessible, and reliable as using a cloud provider.
|
||||
The project's vision is to empower users to deploy and manage their
|
||||
own private P2P networks with minimal technical expertise,
|
||||
significantly lowering the barrier to entry.
|
||||
|
||||
As illustrated in Figure \ref{fig:vision-stages}, the proposed
|
||||
solution includes a user-friendly web interface. This interface
|
||||
allows users to design and customize their private P2P networks with
|
||||
just a few clicks. To further simplify the process, the inclusion of
|
||||
a Large Language Model (LLM) is envisioned to assist users throughout
|
||||
the network creation process. The LLM would provide contextual
|
||||
guidance, answer configuration-related queries, and help resolve
|
||||
potential issues, thus making the system approachable for a wider
|
||||
audience without requiring advanced technical skills.
|
||||
The Clan project addresses these barriers by making self-hosting
|
||||
as straightforward as using a cloud provider.
|
||||
As illustrated in Figure~\ref{fig:vision-stages}, Clan envisions
|
||||
a web interface that enables users to design and deploy private P2P networks
|
||||
with minimal configuration, assisted by an integrated LLM
|
||||
for contextual guidance and troubleshooting.
|
||||
|
||||
\begin{figure}[h!]
|
||||
\centering
|
||||
|
||||
Reference in New Issue
Block a user