From 2e2d8880c08cfbd823e44130a506b3b1ce19c9d7 Mon Sep 17 00:00:00 2001
From: Qubasa <consulting@qube.email>
Date: Tue, 24 Feb 2026 18:36:44 +0100
Subject: [PATCH] new structure

---
 Chapters/Preliminaries.tex | 42 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 Chapters/Preliminaries.tex

diff --git a/Chapters/Preliminaries.tex b/Chapters/Preliminaries.tex
new file mode 100644
index 0000000..f0441b2
--- /dev/null
+++ b/Chapters/Preliminaries.tex
@@ -0,0 +1,42 @@
+\chapter{Preliminaries} % Main chapter title
+
+\label{Preliminaries}
+
+\subsubsection{Nix: A Safe and Policy-Free System for Software Deployment}
+
+Nix addresses significant issues in software deployment by utilizing
+cryptographic hashes to ensure unique paths for component instances
+\cite{dolstra_nix_2004}. Features such as concurrent installation of
+multiple versions, atomic upgrades, and safe garbage collection make
+Nix a flexible deployment system. This work uses Nix to ensure that
+all VPN builds and system configurations are deterministic.
+
+\subsubsection{NixOS: A Purely Functional Linux Distribution}
+
+NixOS extends Nix principles to Linux system configuration
+\cite{dolstra_nixos_2008}. System configurations are reproducible and
+isolated from stateful interactions typical in imperative package
+management. This property is essential for ensuring identical test
+environments across benchmark runs.
+
+
+\subsubsection{UDP NAT and Firewall Puncturing in the Wild}
+
+Halkes and Pouwelse~\cite{halkes_udp_2011} measure UDP hole punching
+efficacy on a live P2P network using the Tribler BitTorrent client.
+Their study finds that 79\% of peers are unreachable due to NAT or
+firewall restrictions, yet 64\% reside behind configurations amenable
+to hole punching. Among compatible peers, over 80\% of puncturing
+attempts succeed, establishing hole punching as a practical NAT
+traversal technique. Their timeout measurements further indicate that
+keep-alive messages must be sent at least every 55 seconds to maintain
+open NAT mappings.
+
+These findings directly inform the evaluation criteria for this thesis.
+All mesh VPNs tested rely on UDP hole punching for NAT traversal;
+the 80\% success rate sets a baseline expectation, while the 55-second
+timeout informs analysis of each implementation's keep-alive behavior
+during source code review.
+
+\subsubsection{An Overview of Packet Reordering in TCP}
+TODO \cite{leung_overview_2007}