new structure
This commit is contained in:
@@ -2,6 +2,8 @@
|
||||
|
||||
\label{Introduction}
|
||||
|
||||
TODO
|
||||
|
||||
\subsection{Motivation}
|
||||
|
||||
Peer-to-peer architectures promise censorship-resistant, fault-tolerant
|
||||
@@ -174,30 +176,12 @@ in pursuit of top rankings.
|
||||
\label{fig:vision-stages}
|
||||
\end{figure}
|
||||
|
||||
|
||||
\subsection{Research Contribution}
|
||||
|
||||
TODO
|
||||
|
||||
\subsection{Related Work}
|
||||
|
||||
\subsubsection{Nix: A Safe and Policy-Free System for Software Deployment}
|
||||
|
||||
Nix addresses significant issues in software deployment by utilizing
|
||||
cryptographic hashes to ensure unique paths for component instances
|
||||
\cite{dolstra_nix_2004}. Features such as concurrent installation of
|
||||
multiple versions, atomic upgrades, and safe garbage collection make
|
||||
Nix a flexible deployment system. This work uses Nix to ensure that
|
||||
all VPN builds and system configurations are deterministic.
|
||||
|
||||
\subsubsection{NixOS: A Purely Functional Linux Distribution}
|
||||
|
||||
NixOS extends Nix principles to Linux system configuration
|
||||
\cite{dolstra_nixos_2008}. System configurations are reproducible and
|
||||
isolated from stateful interactions typical in imperative package
|
||||
management. This property is essential for ensuring identical test
|
||||
environments across benchmark runs.
|
||||
|
||||
\subsubsection{A Comparative Study on Virtual Private Networks}
|
||||
|
||||
Lackorzynski et al.\ \cite{lackorzynski_comparative_2019} evaluate
|
||||
@@ -226,26 +210,5 @@ This thesis extends their work in several ways:
|
||||
\item Fully reproducible experimental framework via Nix/NixOS/Clan
|
||||
\end{itemize}
|
||||
|
||||
\subsubsection{UDP NAT and Firewall Puncturing in the Wild}
|
||||
|
||||
Halkes and Pouwelse~\cite{halkes_udp_2011} measure UDP hole punching
|
||||
efficacy on a live P2P network using the Tribler BitTorrent client.
|
||||
Their study finds that 79\% of peers are unreachable due to NAT or
|
||||
firewall restrictions, yet 64\% reside behind configurations amenable
|
||||
to hole punching. Among compatible peers, over 80\% of puncturing
|
||||
attempts succeed, establishing hole punching as a practical NAT
|
||||
traversal technique. Their timeout measurements further indicate that
|
||||
keep-alive messages must be sent at least every 55 seconds to maintain
|
||||
open NAT mappings.
|
||||
|
||||
These findings directly inform the evaluation criteria for this thesis.
|
||||
All mesh VPNs tested rely on UDP hole punching for NAT traversal;
|
||||
the 80\% success rate sets a baseline expectation, while the 55-second
|
||||
timeout informs analysis of each implementation's keep-alive behavior
|
||||
during source code review.
|
||||
|
||||
\subsubsection{An Overview of Packet Reordering in TCP}
|
||||
TODO \cite{leung_overview_2007}
|
||||
|
||||
\subsubsection{Performance Evaluation of TCP over QUIC Tunnels}
|
||||
TODO \cite{guo_implementation_2025}
|
||||
TODO \cite{guo_implementation_2025}
|
||||
|
||||
53
main.tex
53
main.tex
@@ -38,7 +38,7 @@
|
||||
% the table of contents
|
||||
%toctotoc, % Uncomment to add the main table of contents to the
|
||||
% table of contents
|
||||
%parskip, % Uncomment to add space between paragraphs
|
||||
parskip, % Add space between paragraphs and remove indentation
|
||||
%nohyperref, % Uncomment to not load the hyperref package
|
||||
headsepline, % Uncomment to get a line under the header
|
||||
chapterinoneline, % Place the chapter title next to the number on one line
|
||||
@@ -87,7 +87,7 @@
|
||||
% THESIS INFORMATION
|
||||
%----------------------------------------------------------------------------------------
|
||||
|
||||
\thesistitle{Decrypting the Overlay: A Reproducible Analysis of P2P
|
||||
\thesistitle{A Reproducible Analysis of P2P
|
||||
VPN Implementation and Overhead} % Your thesis title, this is used in the title
|
||||
% and abstract, print it elsewhere with \ttitle
|
||||
%\supervisor{\textsc{Ber Lorke}} % Your supervisor's name, this is
|
||||
@@ -224,41 +224,22 @@ and Management}} % Your department's name and URL, this is used in
|
||||
\begin{abstract}
|
||||
\addchaptertocentry{\abstractname} % Add the abstract to the table of contents
|
||||
|
||||
This thesis evaluates the performance and fault tolerance of
|
||||
peer-to-peer mesh VPNs through an automated, reproducible
|
||||
benchmarking framework
|
||||
built on the Clan deployment system.
|
||||
We establish a cloud API–independent, binary-reproducible environment
|
||||
for deploying and assessing various VPN implementations,
|
||||
including Tailscale (via Headscale), Hyprspace, Lighthouse, Tinc,
|
||||
and ZeroTier.
|
||||
|
||||
To simulate real-world network conditions, we employ four impairment profiles
|
||||
with varying degrees of packet loss, reordering, latency, and jitter.
|
||||
Our benchmark suite comprises RIST video streaming, Nix cache downloads,
|
||||
iperf3 throughput tests, QUIC transfers, and ping latency measurements.
|
||||
The experiments run on three machines interconnected at 1\,Gbps,
|
||||
each equipped with four CPU cores and eight threads.
|
||||
In total, we evaluate ten VPNs across seven benchmarks and four
|
||||
impairment profiles,
|
||||
yielding over 300 unique measurements.
|
||||
This thesis benchmarks peer-to-peer mesh VPNs using a reproducible,
|
||||
Nix-based framework built with a deployment system called Clan. We
|
||||
evaluate ten VPN implementations; including Tailscale (via
|
||||
Headscale), Hyprspace, Nebula, Tinc, and ZeroTier; under four
|
||||
network impairment profiles varying packet loss, reordering,
|
||||
latency, and jitter, yielding over 300 unique measurements across
|
||||
seven benchmarks.
|
||||
|
||||
Our analysis reveals that Tailscale outperforms the Linux kernel's
|
||||
default networking stack under degraded network conditions—a
|
||||
counterintuitive finding
|
||||
we investigate through source code analysis of packet handling,
|
||||
encryption schemes, and resilience mechanisms.
|
||||
This investigation also uncovered several critical security vulnerabilities
|
||||
across the evaluated VPNs.
|
||||
|
||||
We validate our hypotheses by re-running benchmarks with tuned
|
||||
Linux kernel parameters,
|
||||
demonstrating measurable improvements in network throughput.
|
||||
This work contributes to decentralized networking research
|
||||
by providing an extensible framework for reproducible P2P benchmarks,
|
||||
offering insights into mesh VPN implementation quality,
|
||||
and demonstrating that default Linux kernel settings are suboptimal
|
||||
for adverse network conditions.
|
||||
default networking stack under degraded conditions. and tuned
|
||||
congestion control: Reno over CUBIC, with RACK disabled to avoid
|
||||
spurious retransmits under reordering. We validate this
|
||||
hypothesis by re-running benchmarks with tuned kernel buffer
|
||||
parameters, demonstrating measurable throughput improvements. This
|
||||
investigation also uncovered several critical security
|
||||
vulnerabilities across the evaluated VPNs.
|
||||
|
||||
\end{abstract}
|
||||
|
||||
@@ -351,7 +332,7 @@ and Management}} % Your department's name and URL, this is used in
|
||||
% Uncomment the lines as you write the chapters
|
||||
\include{Chapters/Introduction}
|
||||
\include{Chapters/Methodology}
|
||||
|
||||
\include{Chapters/Preliminaries}
|
||||
|
||||
%\include{Chapters/Chapter1}
|
||||
%\include{Chapters/Chapter2}
|
||||
|
||||
@@ -1,338 +1,619 @@
|
||||
|
||||
@article{kjorveziroski_full-mesh_2024,
|
||||
title = {Full-mesh {VPN} performance evaluation for a secure edge-cloud continuum},
|
||||
volume = {54},
|
||||
rights = {© 2024 The Authors. Software: Practice and Experience published by John Wiley \& Sons Ltd.},
|
||||
issn = {1097-024X},
|
||||
url = {https://onlinelibrary.wiley.com/doi/abs/10.1002/spe.3329},
|
||||
doi = {10.1002/spe.3329},
|
||||
abstract = {The recent introduction of full-mesh virtual private network ({VPN}) solutions which offer near native performance, coupled with modern encryption algorithms and easy scalability as a result of a central control plane have a strong potential to enable the implementation of a seamless edge-cloud continuum. To test the performance of existing solutions in this domain, we present a framework consisted of both essential and optional features that full-mesh {VPN} solutions need to support before they can be used for interconnecting geographically dispersed compute nodes. We then apply this framework on existing offerings and select three {VPN} solutions for further tests: Headscale, Netbird, and {ZeroTier}. We evaluate their features in the context of establishing an underlay network on top of which a Kubernetes overlay network can be created. We test pod-to-pod {TCP} and {UDP} throughput as well as Kubernetes application programming interface ({API}) response times, in multiple scenarios, accounting for adverse network conditions such as packet loss or packet delay. Based on the obtained measurement results and through analysis of the underlying strengths and weaknesses of the individual implementations, we draw conclusions on the preferred {VPN} solution depending on the use-case at hand, striking a balance between usability and performance.},
|
||||
pages = {1543--1564},
|
||||
number = {8},
|
||||
journaltitle = {Software: Practice and Experience},
|
||||
author = {Kjorveziroski, Vojdan and Bernad, Cristina and Gilly, Katja and Filiposka, Sonja},
|
||||
urldate = {2024-09-19},
|
||||
date = {2024},
|
||||
langid = {english},
|
||||
keywords = {edge-cloud continuum, Kubernetes, orchestration, virtual private networks, Wireguard, {ZeroTier}},
|
||||
file = {Attachment:/home/lhebendanz/Zotero/storage/BGJCY48V/Softw Pract Exp - 2024 - Kjorveziroski - Full‐mesh VPN performance evaluation for a secure edge‐cloud continuum.pdf:application/pdf},
|
||||
title = {Full-mesh {VPN} performance evaluation for a secure
|
||||
edge-cloud continuum},
|
||||
volume = {54},
|
||||
rights = {© 2024 The Authors. Software: Practice and Experience
|
||||
published by John Wiley \& Sons Ltd.},
|
||||
issn = {1097-024X},
|
||||
url = {https://onlinelibrary.wiley.com/doi/abs/10.1002/spe.3329},
|
||||
doi = {10.1002/spe.3329},
|
||||
abstract = {The recent introduction of full-mesh virtual private
|
||||
network ({VPN}) solutions which offer near native performance,
|
||||
coupled with modern encryption algorithms and easy scalability as a
|
||||
result of a central control plane have a strong potential to enable
|
||||
the implementation of a seamless edge-cloud continuum. To test the
|
||||
performance of existing solutions in this domain, we present a
|
||||
framework consisted of both essential and optional features that
|
||||
full-mesh {VPN} solutions need to support before they can be used
|
||||
for interconnecting geographically dispersed compute nodes. We then
|
||||
apply this framework on existing offerings and select three {VPN}
|
||||
solutions for further tests: Headscale, Netbird, and {ZeroTier}. We
|
||||
evaluate their features in the context of establishing an underlay
|
||||
network on top of which a Kubernetes overlay network can be
|
||||
created. We test pod-to-pod {TCP} and {UDP} throughput as well as
|
||||
Kubernetes application programming interface ({API}) response
|
||||
times, in multiple scenarios, accounting for adverse network
|
||||
conditions such as packet loss or packet delay. Based on the
|
||||
obtained measurement results and through analysis of the underlying
|
||||
strengths and weaknesses of the individual implementations, we draw
|
||||
conclusions on the preferred {VPN} solution depending on the
|
||||
use-case at hand, striking a balance between usability and performance.},
|
||||
pages = {1543--1564},
|
||||
number = {8},
|
||||
journaltitle = {Software: Practice and Experience},
|
||||
author = {Kjorveziroski, Vojdan and Bernad, Cristina and Gilly,
|
||||
Katja and Filiposka, Sonja},
|
||||
urldate = {2024-09-19},
|
||||
date = {2024},
|
||||
langid = {english},
|
||||
keywords = {edge-cloud continuum, Kubernetes, orchestration,
|
||||
virtual private networks, Wireguard, {ZeroTier}},
|
||||
file = {Attachment:/home/lhebendanz/Zotero/storage/BGJCY48V/Softw
|
||||
Pract Exp - 2024 - Kjorveziroski - Full‐mesh VPN performance
|
||||
evaluation for a secure edge‐cloud continuum.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@online{noauthor_sci-hub_nodate,
|
||||
title = {Sci-Hub},
|
||||
url = {https://sci-hub.usualwant.com/},
|
||||
abstract = {Sci-Hub,{SciHub}: Contains the latest literature in 2024,world where everyone has free access to knowledge.},
|
||||
urldate = {2024-11-19},
|
||||
file = {Snapshot:/home/lhebendanz/Zotero/storage/Q6ZNWGBH/sci-hub.usualwant.com.html:text/html},
|
||||
title = {Sci-Hub},
|
||||
url = {https://sci-hub.usualwant.com/},
|
||||
abstract = {Sci-Hub,{SciHub}: Contains the latest literature in
|
||||
2024,world where everyone has free access to knowledge.},
|
||||
urldate = {2024-11-19},
|
||||
file =
|
||||
{Snapshot:/home/lhebendanz/Zotero/storage/Q6ZNWGBH/sci-hub.usualwant.com.html:text/html},
|
||||
}
|
||||
|
||||
@article{shukla_towards_2021,
|
||||
title = {Towards software defined low maintenance structured peer-to-peer overlays},
|
||||
volume = {14},
|
||||
issn = {1936-6442, 1936-6450},
|
||||
url = {https://link.springer.com/10.1007/s12083-021-01112-7},
|
||||
doi = {10.1007/s12083-021-01112-7},
|
||||
pages = {1242--1260},
|
||||
number = {3},
|
||||
journaltitle = {Peer-to-Peer Netw. Appl.},
|
||||
author = {Shukla, Nitin and Datta, Dipmalya and Pandey, Mayank and Srivastava, Shashank},
|
||||
urldate = {2024-11-19},
|
||||
date = {2021-05},
|
||||
langid = {english},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/GTPSJRYK/Shukla et al. - 2021 - Towards software defined low maintenance structured peer-to-peer overlays.pdf:application/pdf},
|
||||
title = {Towards software defined low maintenance structured
|
||||
peer-to-peer overlays},
|
||||
volume = {14},
|
||||
issn = {1936-6442, 1936-6450},
|
||||
url = {https://link.springer.com/10.1007/s12083-021-01112-7},
|
||||
doi = {10.1007/s12083-021-01112-7},
|
||||
pages = {1242--1260},
|
||||
number = {3},
|
||||
journaltitle = {Peer-to-Peer Netw. Appl.},
|
||||
author = {Shukla, Nitin and Datta, Dipmalya and Pandey, Mayank and
|
||||
Srivastava, Shashank},
|
||||
urldate = {2024-11-19},
|
||||
date = {2021-05},
|
||||
langid = {english},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/GTPSJRYK/Shukla et al.
|
||||
- 2021 - Towards software defined low maintenance structured
|
||||
peer-to-peer overlays.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@inproceedings{dolstra_nixos_2008,
|
||||
location = {New York, {NY}, {USA}},
|
||||
title = {{NixOS}: a purely functional Linux distribution},
|
||||
isbn = {978-1-59593-919-7},
|
||||
url = {https://doi.org/10.1145/1411204.1411255},
|
||||
doi = {10.1145/1411204.1411255},
|
||||
series = {{ICFP} '08},
|
||||
shorttitle = {{NixOS}},
|
||||
abstract = {Existing package and system configuration management tools suffer from an imperative model, where system administration actions such as upgrading packages or changes to system configuration files are stateful: they destructively update the state of the system. This leads to many problems, such as the inability to roll back changes easily, to run multiple versions of a package side-by-side, to reproduce a configuration deterministically on another machine, or to reliably upgrade a system. In this paper we show that we can overcome these problems by moving to a purely functional system configuration model. This means that all static parts of a system (such as software packages, configuration files and system startup scripts) are built by pure functions and are immutable, stored in a way analogously to a heap in a purely function language. We have implemented this model in {NixOS}, a non-trivial Linux distribution that uses the Nix package manager to build the entire system configuration from a purely functional specification.},
|
||||
pages = {367--378},
|
||||
booktitle = {Proceedings of the 13th {ACM} {SIGPLAN} international conference on Functional programming},
|
||||
publisher = {Association for Computing Machinery},
|
||||
author = {Dolstra, Eelco and Löh, Andres},
|
||||
urldate = {2024-11-24},
|
||||
date = {2008-09-20},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/GGG3BB3V/Dolstra et al. - 2010 - NixOS A Purely Functional Linux Distribution.pdf:application/pdf},
|
||||
location = {New York, {NY}, {USA}},
|
||||
title = {{NixOS}: a purely functional Linux distribution},
|
||||
isbn = {978-1-59593-919-7},
|
||||
url = {https://doi.org/10.1145/1411204.1411255},
|
||||
doi = {10.1145/1411204.1411255},
|
||||
series = {{ICFP} '08},
|
||||
shorttitle = {{NixOS}},
|
||||
abstract = {Existing package and system configuration management
|
||||
tools suffer from an imperative model, where system administration
|
||||
actions such as upgrading packages or changes to system
|
||||
configuration files are stateful: they destructively update the
|
||||
state of the system. This leads to many problems, such as the
|
||||
inability to roll back changes easily, to run multiple versions of
|
||||
a package side-by-side, to reproduce a configuration
|
||||
deterministically on another machine, or to reliably upgrade a
|
||||
system. In this paper we show that we can overcome these problems
|
||||
by moving to a purely functional system configuration model. This
|
||||
means that all static parts of a system (such as software packages,
|
||||
configuration files and system startup scripts) are built by pure
|
||||
functions and are immutable, stored in a way analogously to a heap
|
||||
in a purely function language. We have implemented this model in
|
||||
{NixOS}, a non-trivial Linux distribution that uses the Nix package
|
||||
manager to build the entire system configuration from a purely
|
||||
functional specification.},
|
||||
pages = {367--378},
|
||||
booktitle = {Proceedings of the 13th {ACM} {SIGPLAN} international
|
||||
conference on Functional programming},
|
||||
publisher = {Association for Computing Machinery},
|
||||
author = {Dolstra, Eelco and Löh, Andres},
|
||||
urldate = {2024-11-24},
|
||||
date = {2008-09-20},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/GGG3BB3V/Dolstra et al.
|
||||
- 2010 - NixOS A Purely Functional Linux Distribution.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@article{van_der_burg_disnix_2014,
|
||||
title = {Disnix: A toolset for distributed deployment},
|
||||
volume = {79},
|
||||
issn = {0167-6423},
|
||||
url = {https://www.sciencedirect.com/science/article/pii/S0167642312000639},
|
||||
doi = {10.1016/j.scico.2012.03.006},
|
||||
series = {Experimental Software and Toolkits ({EST} 4): A special issue of the Workshop on Academic Software Development Tools and Techniques ({WASDeTT}-3 2010)},
|
||||
shorttitle = {Disnix},
|
||||
abstract = {The process of deploying a distributed system in a network of machines is often very complex, laborious and time-consuming, while it is hard to guarantee that the system will work as expected and that specific non-functional deployment requirements from the domain are supported. In this paper we describe the Disnix toolset, which provides system administrators or developers with automatic deployment of a distributed system in a network of machines from declarative specifications and offers properties such as complete dependencies, atomic upgrades and rollbacks to make this process efficient and reliable. Disnix has an extensible architecture, allowing the integration of custom modules to make the deployment more convenient and suitable for the domain in which the system is to be used. Disnix has been under development for almost four years and has been applied to several types of distributed systems, including an industrial case study.},
|
||||
pages = {52--69},
|
||||
journaltitle = {Science of Computer Programming},
|
||||
author = {van der Burg, Sander and Dolstra, Eelco},
|
||||
urldate = {2024-11-24},
|
||||
date = {2014-01-01},
|
||||
keywords = {Distributed systems, Service-oriented systems, Software deployment},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/XSWZ95UU/van der Burg and Dolstra - 2014 - Disnix A toolset for distributed deployment.pdf:application/pdf;ScienceDirect Snapshot:/home/lhebendanz/Zotero/storage/VHPTLVMW/S0167642312000639.html:text/html},
|
||||
title = {Disnix: A toolset for distributed deployment},
|
||||
volume = {79},
|
||||
issn = {0167-6423},
|
||||
url = {https://www.sciencedirect.com/science/article/pii/S0167642312000639},
|
||||
doi = {10.1016/j.scico.2012.03.006},
|
||||
series = {Experimental Software and Toolkits ({EST} 4): A special
|
||||
issue of the Workshop on Academic Software Development Tools and
|
||||
Techniques ({WASDeTT}-3 2010)},
|
||||
shorttitle = {Disnix},
|
||||
abstract = {The process of deploying a distributed system in a
|
||||
network of machines is often very complex, laborious and
|
||||
time-consuming, while it is hard to guarantee that the system will
|
||||
work as expected and that specific non-functional deployment
|
||||
requirements from the domain are supported. In this paper we
|
||||
describe the Disnix toolset, which provides system administrators
|
||||
or developers with automatic deployment of a distributed system in
|
||||
a network of machines from declarative specifications and offers
|
||||
properties such as complete dependencies, atomic upgrades and
|
||||
rollbacks to make this process efficient and reliable. Disnix has
|
||||
an extensible architecture, allowing the integration of custom
|
||||
modules to make the deployment more convenient and suitable for the
|
||||
domain in which the system is to be used. Disnix has been under
|
||||
development for almost four years and has been applied to several
|
||||
types of distributed systems, including an industrial case study.},
|
||||
pages = {52--69},
|
||||
journaltitle = {Science of Computer Programming},
|
||||
author = {van der Burg, Sander and Dolstra, Eelco},
|
||||
urldate = {2024-11-24},
|
||||
date = {2014-01-01},
|
||||
keywords = {Distributed systems, Service-oriented systems, Software
|
||||
deployment},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/XSWZ95UU/van der Burg
|
||||
and Dolstra - 2014 - Disnix A toolset for distributed
|
||||
deployment.pdf:application/pdf;ScienceDirect
|
||||
Snapshot:/home/lhebendanz/Zotero/storage/VHPTLVMW/S0167642312000639.html:text/html},
|
||||
}
|
||||
|
||||
@inproceedings{dolstra_nix_2004,
|
||||
location = {{USA}},
|
||||
title = {Nix: A Safe and Policy-Free System for Software Deployment},
|
||||
series = {{LISA} '04},
|
||||
shorttitle = {Nix},
|
||||
abstract = {Existing systems for software deployment are neither safe nor sufficiently flexible. Primary safety issues are the inability to enforce reliable specification of component dependencies, and the lack of support for multiple versions or variants of a component. This renders deployment operations such as upgrading or deleting components dangerous and unpredictable. A deployment system must also be flexible (i.e., policy-free) enough to support both centralised and local package management, and to allow a variety of mechanisms for transferring components. In this paper we present Nix, a deployment system that addresses these issues through a simple technique of using cryptographic hashes to compute unique paths for component instances.},
|
||||
pages = {79--92},
|
||||
booktitle = {Proceedings of the 18th {USENIX} conference on System administration},
|
||||
publisher = {{USENIX} Association},
|
||||
author = {Dolstra, Eelco and de Jonge, Merijn and Visser, Eelco},
|
||||
urldate = {2024-11-25},
|
||||
date = {2004-11-19},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/FVVZ628U/Dolstra et al. - Nix A Safe and Policy-Free System for Software Deployment.pdf:application/pdf},
|
||||
location = {{USA}},
|
||||
title = {Nix: A Safe and Policy-Free System for Software Deployment},
|
||||
series = {{LISA} '04},
|
||||
shorttitle = {Nix},
|
||||
abstract = {Existing systems for software deployment are neither
|
||||
safe nor sufficiently flexible. Primary safety issues are the
|
||||
inability to enforce reliable specification of component
|
||||
dependencies, and the lack of support for multiple versions or
|
||||
variants of a component. This renders deployment operations such as
|
||||
upgrading or deleting components dangerous and unpredictable. A
|
||||
deployment system must also be flexible (i.e., policy-free) enough
|
||||
to support both centralised and local package management, and to
|
||||
allow a variety of mechanisms for transferring components. In this
|
||||
paper we present Nix, a deployment system that addresses these
|
||||
issues through a simple technique of using cryptographic hashes to
|
||||
compute unique paths for component instances.},
|
||||
pages = {79--92},
|
||||
booktitle = {Proceedings of the 18th {USENIX} conference on System
|
||||
administration},
|
||||
publisher = {{USENIX} Association},
|
||||
author = {Dolstra, Eelco and de Jonge, Merijn and Visser, Eelco},
|
||||
urldate = {2024-11-25},
|
||||
date = {2004-11-19},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/FVVZ628U/Dolstra et al.
|
||||
- Nix A Safe and Policy-Free System for Software
|
||||
Deployment.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@online{noauthor_isps_nodate,
|
||||
title = {{ISPs} - ethernodes.org - The Ethereum Network \& Node Explorer},
|
||||
url = {https://ethernodes.org/networkType/Hosting},
|
||||
urldate = {2024-12-02},
|
||||
file = {ISPs - ethernodes.org - The Ethereum Network & Node Explorer:/home/lhebendanz/Zotero/storage/BH7E2FAL/Hosting.html:text/html},
|
||||
title = {{ISPs} - ethernodes.org - The Ethereum Network \& Node Explorer},
|
||||
url = {https://ethernodes.org/networkType/Hosting},
|
||||
urldate = {2024-12-02},
|
||||
file = {ISPs - ethernodes.org - The Ethereum Network & Node
|
||||
Explorer:/home/lhebendanz/Zotero/storage/BH7E2FAL/Hosting.html:text/html},
|
||||
}
|
||||
|
||||
@article{kern_lost_2023,
|
||||
title = {Lost in Simulation: Route Property in Mininet},
|
||||
url = {https://www.net.in.tum.de/fileadmin/TUM/NET/NET-2023-06-1/NET-2023-06-1_03.pdf},
|
||||
doi = {10.2313/NET-2023-06-1_03},
|
||||
shorttitle = {Lost in Simulation},
|
||||
abstract = {The Mininet network emulator enables the comparison of speed, delay, jitter and packet loss across different topologies. It provides a Python {API} to instantiate almost arbitrary layouts of networks and connections with attributes like predetermined packet loss. We inspect linear and grid-like topologies and discover that both share similar performance characteristics.},
|
||||
author = {Kern, Philipp},
|
||||
editora = {Architectures, Chair Of Network},
|
||||
editoratype = {collaborator},
|
||||
urldate = {2025-01-07},
|
||||
date = {2023},
|
||||
langid = {english},
|
||||
note = {Medium: {PDF}
|
||||
Publisher: Chair of Network Architectures and Services, School of Computation, Information and Technology, Technical University of Munich},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/KSRTDLCA/Kern - 2023 - Lost in Simulation Route Property in Mininet.pdf:application/pdf},
|
||||
title = {Lost in Simulation: Route Property in Mininet},
|
||||
url =
|
||||
{https://www.net.in.tum.de/fileadmin/TUM/NET/NET-2023-06-1/NET-2023-06-1_03.pdf},
|
||||
doi = {10.2313/NET-2023-06-1_03},
|
||||
shorttitle = {Lost in Simulation},
|
||||
abstract = {The Mininet network emulator enables the comparison of
|
||||
speed, delay, jitter and packet loss across different topologies.
|
||||
It provides a Python {API} to instantiate almost arbitrary layouts
|
||||
of networks and connections with attributes like predetermined
|
||||
packet loss. We inspect linear and grid-like topologies and
|
||||
discover that both share similar performance characteristics.},
|
||||
author = {Kern, Philipp},
|
||||
editora = {Architectures, Chair Of Network},
|
||||
editoratype = {collaborator},
|
||||
urldate = {2025-01-07},
|
||||
date = {2023},
|
||||
langid = {english},
|
||||
note = {Medium: {PDF}
|
||||
Publisher: Chair of Network Architectures and Services, School of
|
||||
Computation, Information and Technology, Technical University of Munich},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/KSRTDLCA/Kern - 2023 -
|
||||
Lost in Simulation Route Property in Mininet.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@article{savolainen_modeling_2019,
|
||||
title = {Modeling the interplay of information seeking and information sharing: A conceptual analysis},
|
||||
volume = {71},
|
||||
issn = {2050-3806},
|
||||
url = {https://www.emerald.com/insight/content/doi/10.1108/ajim-10-2018-0266/full/html},
|
||||
doi = {10.1108/AJIM-10-2018-0266},
|
||||
shorttitle = {Modeling the interplay of information seeking and information sharing},
|
||||
abstract = {The purpose of this paper is to contribute to the creation of a holistic picture of information behavior by examining the connections between information seeking and sharing.,Conceptual analysis is used to focus on the ways in which the researchers have modeled the interplay of information seeking and sharing. The study draws on conceptual analysis of 27 key studies examining the above issue, with a focus on the scrutiny of six major models for information behavior.,Researchers have employed three main approaches to model the relationships between information seeking and sharing. The indirect approach conceptualizes information seeking and sharing as discrete activities connected by an intermediating factor, for example, information need. The sequential approach assumes that information seeking precedes information sharing. From the viewpoint of the interactive approach, information seeking and sharing appear as mutually related activities shaping each other iteratively or in a cyclical manner. The interactive approach provides the most sophisticated research perspective on the relationships of information seeking and sharing and contributes to holistic understanding of human information behavior.,As the study focuses on information seeking and sharing, no attention is devoted to other activities constitutive of information behavior, for example, information use.,The study pioneers by providing an in-depth analysis of the connections of information seeking and information sharing.},
|
||||
pages = {518--534},
|
||||
number = {4},
|
||||
journaltitle = {Aslib Journal of Information Management},
|
||||
author = {Savolainen, Reijo},
|
||||
urldate = {2025-01-24},
|
||||
date = {2019-06-18},
|
||||
langid = {english},
|
||||
note = {Publisher: Emerald Publishing Limited},
|
||||
file = {Full Text:/home/lhebendanz/Zotero/storage/LK5QNLVT/Savolainen - 2019 - Modeling the interplay of information seeking and information sharing A conceptual analysis.pdf:application/pdf;Snapshot:/home/lhebendanz/Zotero/storage/JMW3VDFN/html.html:text/html},
|
||||
title = {Modeling the interplay of information seeking and
|
||||
information sharing: A conceptual analysis},
|
||||
volume = {71},
|
||||
issn = {2050-3806},
|
||||
url =
|
||||
{https://www.emerald.com/insight/content/doi/10.1108/ajim-10-2018-0266/full/html},
|
||||
doi = {10.1108/AJIM-10-2018-0266},
|
||||
shorttitle = {Modeling the interplay of information seeking and
|
||||
information sharing},
|
||||
abstract = {The purpose of this paper is to contribute to the
|
||||
creation of a holistic picture of information behavior by examining
|
||||
the connections between information seeking and sharing.,Conceptual
|
||||
analysis is used to focus on the ways in which the researchers have
|
||||
modeled the interplay of information seeking and sharing. The study
|
||||
draws on conceptual analysis of 27 key studies examining the above
|
||||
issue, with a focus on the scrutiny of six major models for
|
||||
information behavior.,Researchers have employed three main
|
||||
approaches to model the relationships between information seeking
|
||||
and sharing. The indirect approach conceptualizes information
|
||||
seeking and sharing as discrete activities connected by an
|
||||
intermediating factor, for example, information need. The
|
||||
sequential approach assumes that information seeking precedes
|
||||
information sharing. From the viewpoint of the interactive
|
||||
approach, information seeking and sharing appear as mutually
|
||||
related activities shaping each other iteratively or in a cyclical
|
||||
manner. The interactive approach provides the most sophisticated
|
||||
research perspective on the relationships of information seeking
|
||||
and sharing and contributes to holistic understanding of human
|
||||
information behavior.,As the study focuses on information seeking
|
||||
and sharing, no attention is devoted to other activities
|
||||
constitutive of information behavior, for example, information
|
||||
use.,The study pioneers by providing an in-depth analysis of the
|
||||
connections of information seeking and information sharing.},
|
||||
pages = {518--534},
|
||||
number = {4},
|
||||
journaltitle = {Aslib Journal of Information Management},
|
||||
author = {Savolainen, Reijo},
|
||||
urldate = {2025-01-24},
|
||||
date = {2019-06-18},
|
||||
langid = {english},
|
||||
note = {Publisher: Emerald Publishing Limited},
|
||||
file = {Full
|
||||
Text:/home/lhebendanz/Zotero/storage/LK5QNLVT/Savolainen - 2019 -
|
||||
Modeling the interplay of information seeking and information
|
||||
sharing A conceptual
|
||||
analysis.pdf:application/pdf;Snapshot:/home/lhebendanz/Zotero/storage/JMW3VDFN/html.html:text/html},
|
||||
}
|
||||
|
||||
@online{noauthor_web_nodate,
|
||||
title = {The Web of False Information: Rumors, Fake News, Hoaxes, Clickbait, and Various Other Shenanigans: Journal of Data and Information Quality: Vol 11, No 3},
|
||||
url = {https://dl.acm.org/doi/abs/10.1145/3309699},
|
||||
urldate = {2025-01-24},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/95QKTBA7/The Web of False Information Rumors, Fake News, Hoaxes, Clickbait, and Various Other Shenanigans J.pdf:application/pdf;The Web of False Information\: Rumors, Fake News, Hoaxes, Clickbait, and Various Other Shenanigans\: Journal of Data and Information Quality\: Vol 11, No 3:/home/lhebendanz/Zotero/storage/7A2CZ7A6/3309699.html:text/html},
|
||||
title = {The Web of False Information: Rumors, Fake News, Hoaxes,
|
||||
Clickbait, and Various Other Shenanigans: Journal of Data and
|
||||
Information Quality: Vol 11, No 3},
|
||||
url = {https://dl.acm.org/doi/abs/10.1145/3309699},
|
||||
urldate = {2025-01-24},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/95QKTBA7/The Web of
|
||||
False Information Rumors, Fake News, Hoaxes, Clickbait, and Various
|
||||
Other Shenanigans J.pdf:application/pdf;The Web of False
|
||||
Information\: Rumors, Fake News, Hoaxes, Clickbait, and Various
|
||||
Other Shenanigans\: Journal of Data and Information Quality\: Vol
|
||||
11, No 3:/home/lhebendanz/Zotero/storage/7A2CZ7A6/3309699.html:text/html},
|
||||
}
|
||||
|
||||
@online{noauthor_netzdg_nodate,
|
||||
title = {{NetzDG} - Gesetz zur Verbesserung der Rechtsdurchsetzung in sozialen Netzwerken},
|
||||
url = {https://www.gesetze-im-internet.de/netzdg/BJNR335210017.html},
|
||||
urldate = {2025-02-24},
|
||||
file = {NetzDG - Gesetz zur Verbesserung der Rechtsdurchsetzung in sozialen Netzwerken:/home/lhebendanz/Zotero/storage/VKPIEEDI/BJNR335210017.html:text/html},
|
||||
title = {{NetzDG} - Gesetz zur Verbesserung der Rechtsdurchsetzung
|
||||
in sozialen Netzwerken},
|
||||
url = {https://www.gesetze-im-internet.de/netzdg/BJNR335210017.html},
|
||||
urldate = {2025-02-24},
|
||||
file = {NetzDG - Gesetz zur Verbesserung der Rechtsdurchsetzung in
|
||||
sozialen
|
||||
Netzwerken:/home/lhebendanz/Zotero/storage/VKPIEEDI/BJNR335210017.html:text/html},
|
||||
}
|
||||
|
||||
@online{noauthor_paket_2025,
|
||||
title = {Paket zum Gesetz über digitale Dienste {\textbar} Gestaltung der digitalen Zukunft Europas},
|
||||
url = {https://digital-strategy.ec.europa.eu/de/policies/digital-services-act-package},
|
||||
urldate = {2025-02-24},
|
||||
date = {2025-02-21},
|
||||
langid = {german},
|
||||
file = {Snapshot:/home/lhebendanz/Zotero/storage/362VSA4E/digital-services-act-package.html:text/html},
|
||||
@online{noauthor_packet_2025,
|
||||
title = {Packet zum Gesetz über digitale Dienste {\textbar}
|
||||
Gestaltung der digitalen Zukunft Europas},
|
||||
url =
|
||||
{https://digital-strategy.ec.europa.eu/de/policies/digital-services-act-package},
|
||||
urldate = {2025-02-24},
|
||||
date = {2025-02-21},
|
||||
langid = {german},
|
||||
file =
|
||||
{Snapshot:/home/lhebendanz/Zotero/storage/362VSA4E/digital-services-act-package.html:text/html},
|
||||
}
|
||||
|
||||
@article{salmi_constructing_2003,
|
||||
title = {Constructing Knowledge Societies: New Challenges for Tertiary Education},
|
||||
volume = {28},
|
||||
issn = {0379-7724, 1469-8358},
|
||||
url = {https://www.tandfonline.com/doi/full/10.1080/0379772032000110125},
|
||||
doi = {10.1080/0379772032000110125},
|
||||
shorttitle = {Constructing Knowledge Societies},
|
||||
pages = {65--69},
|
||||
number = {1},
|
||||
journaltitle = {Higher Education in Europe},
|
||||
author = {Salmi, Jamil},
|
||||
urldate = {2025-02-26},
|
||||
date = {2003-04},
|
||||
langid = {english},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/M7TSQ6XA/Salmi - 2003 - Constructing Knowledge Societies New Challenges for Tertiary Education.pdf:application/pdf},
|
||||
title = {Constructing Knowledge Societies: New Challenges for
|
||||
Tertiary Education},
|
||||
volume = {28},
|
||||
issn = {0379-7724, 1469-8358},
|
||||
url = {https://www.tandfonline.com/doi/full/10.1080/0379772032000110125},
|
||||
doi = {10.1080/0379772032000110125},
|
||||
shorttitle = {Constructing Knowledge Societies},
|
||||
pages = {65--69},
|
||||
number = {1},
|
||||
journaltitle = {Higher Education in Europe},
|
||||
author = {Salmi, Jamil},
|
||||
urldate = {2025-02-26},
|
||||
date = {2003-04},
|
||||
langid = {english},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/M7TSQ6XA/Salmi - 2003 -
|
||||
Constructing Knowledge Societies New Challenges for Tertiary
|
||||
Education.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@article{sahlberg_rethinking_2010,
|
||||
title = {Rethinking accountability in a knowledge society},
|
||||
volume = {11},
|
||||
rights = {http://www.springer.com/tdm},
|
||||
issn = {1389-2843, 1573-1812},
|
||||
url = {http://link.springer.com/10.1007/s10833-008-9098-2},
|
||||
doi = {10.1007/s10833-008-9098-2},
|
||||
abstract = {Competition between schools combined with test-based accountability to hold schools accountable for predetermined knowledge standards have become a common solution in educational change efforts to improve the performance of educational systems around the world. This is happening as family and community social capital declines in most parts of developed world. Increased competition and individualism are not necessarily beneficial to creating social capital in schools and their communities. This article argues that: (1) the evidence remains controversial that test-based accountability policies improve the quality and efficiency of public education; (2) the current practice of determining educational performance by using primarily standardized knowledge tests as the main means of accountability is not a necessary condition for much needed educational improvement; and (3) there is growing evidence that increased high-stakes testing is restricting students’ conceptual learning, engaging in creative action and understanding innovation, all of which are essential elements of contemporary schooling in a knowledge society. Finland is used as an example to suggest that educational change should rather contribute to increasing networking and social capital in schools and in their communities through building trust and strengthening collective responsibilities within and between schools. This would create better prospects of worthwhile lifelong learning in and out of schools. Based on this analysis, the article concludes that education policies should be directed at promoting more intelligent forms of accountability to meet external accountability demands and to encourage cooperation rather than competition among students, teachers and schools.},
|
||||
pages = {45--61},
|
||||
number = {1},
|
||||
journaltitle = {J Educ Change},
|
||||
author = {Sahlberg, Pasi},
|
||||
urldate = {2025-02-26},
|
||||
date = {2010-02},
|
||||
langid = {english},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/Q7WXPVKN/Sahlberg - 2010 - Rethinking accountability in a knowledge society.pdf:application/pdf},
|
||||
title = {Rethinking accountability in a knowledge society},
|
||||
volume = {11},
|
||||
rights = {http://www.springer.com/tdm},
|
||||
issn = {1389-2843, 1573-1812},
|
||||
url = {http://link.springer.com/10.1007/s10833-008-9098-2},
|
||||
doi = {10.1007/s10833-008-9098-2},
|
||||
abstract = {Competition between schools combined with test-based
|
||||
accountability to hold schools accountable for predetermined
|
||||
knowledge standards have become a common solution in educational
|
||||
change efforts to improve the performance of educational systems
|
||||
around the world. This is happening as family and community social
|
||||
capital declines in most parts of developed world. Increased
|
||||
competition and individualism are not necessarily beneficial to
|
||||
creating social capital in schools and their communities. This
|
||||
article argues that: (1) the evidence remains controversial that
|
||||
test-based accountability policies improve the quality and
|
||||
efficiency of public education; (2) the current practice of
|
||||
determining educational performance by using primarily standardized
|
||||
knowledge tests as the main means of accountability is not a
|
||||
necessary condition for much needed educational improvement; and
|
||||
(3) there is growing evidence that increased high-stakes testing is
|
||||
restricting students’ conceptual learning, engaging in creative
|
||||
action and understanding innovation, all of which are essential
|
||||
elements of contemporary schooling in a knowledge society. Finland
|
||||
is used as an example to suggest that educational change should
|
||||
rather contribute to increasing networking and social capital in
|
||||
schools and in their communities through building trust and
|
||||
strengthening collective responsibilities within and between
|
||||
schools. This would create better prospects of worthwhile lifelong
|
||||
learning in and out of schools. Based on this analysis, the article
|
||||
concludes that education policies should be directed at promoting
|
||||
more intelligent forms of accountability to meet external
|
||||
accountability demands and to encourage cooperation rather than
|
||||
competition among students, teachers and schools.},
|
||||
pages = {45--61},
|
||||
number = {1},
|
||||
journaltitle = {J Educ Change},
|
||||
author = {Sahlberg, Pasi},
|
||||
urldate = {2025-02-26},
|
||||
date = {2010-02},
|
||||
langid = {english},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/Q7WXPVKN/Sahlberg -
|
||||
2010 - Rethinking accountability in a knowledge society.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@article{vanderlind_effects_2017,
|
||||
title = {Effects of Mental Health on Student Learning},
|
||||
volume = {22},
|
||||
issn = {1087-0059},
|
||||
url = {https://eric.ed.gov/?id=EJ1154566},
|
||||
abstract = {Learning can be hindered by students' mental health. Given the increased reports of mental health concerns among college students, it is imperative that we understand how best to provide supports to this population to help them learn and succeed. This is particularly significant given the body of research that demonstrates how mental illness may negatively affect student success and degree persistence. In order to best serve this growing population, there are possible supports that can be provided in the classroom embedded into current practices and learning opportunities for all students across the board. This article addresses the connections between learning and mental health, practical takeaways for practitioners, and directions for future research.},
|
||||
pages = {39--58},
|
||||
number = {2},
|
||||
journaltitle = {Learning Assistance Review},
|
||||
author = {{VanderLind}, Ren},
|
||||
urldate = {2025-02-26},
|
||||
date = {2017},
|
||||
langid = {english},
|
||||
note = {Publisher: National College Learning Center Association
|
||||
{ERIC} Number: {EJ}1154566},
|
||||
keywords = {Academic Achievement, Anxiety, College Students, Correlation, Depression (Psychology), Gender Differences, Learning, Learning Theories, Mental Disorders, Mental Health, Metacognition, Personality Traits, Success},
|
||||
file = {Full Text PDF:/home/lhebendanz/Zotero/storage/SGNY7WPR/VanderLind - 2017 - Effects of Mental Health on Student Learning.pdf:application/pdf},
|
||||
title = {Effects of Mental Health on Student Learning},
|
||||
volume = {22},
|
||||
issn = {1087-0059},
|
||||
url = {https://eric.ed.gov/?id=EJ1154566},
|
||||
abstract = {Learning can be hindered by students' mental health.
|
||||
Given the increased reports of mental health concerns among college
|
||||
students, it is imperative that we understand how best to provide
|
||||
supports to this population to help them learn and succeed. This is
|
||||
particularly significant given the body of research that
|
||||
demonstrates how mental illness may negatively affect student
|
||||
success and degree persistence. In order to best serve this growing
|
||||
population, there are possible supports that can be provided in the
|
||||
classroom embedded into current practices and learning
|
||||
opportunities for all students across the board. This article
|
||||
addresses the connections between learning and mental health,
|
||||
practical takeaways for practitioners, and directions for future research.},
|
||||
pages = {39--58},
|
||||
number = {2},
|
||||
journaltitle = {Learning Assistance Review},
|
||||
author = {{VanderLind}, Ren},
|
||||
urldate = {2025-02-26},
|
||||
date = {2017},
|
||||
langid = {english},
|
||||
note = {Publisher: National College Learning Center Association
|
||||
{ERIC} Number: {EJ}1154566},
|
||||
keywords = {Academic Achievement, Anxiety, College Students,
|
||||
Correlation, Depression (Psychology), Gender Differences, Learning,
|
||||
Learning Theories, Mental Disorders, Mental Health, Metacognition,
|
||||
Personality Traits, Success},
|
||||
file = {Full Text
|
||||
PDF:/home/lhebendanz/Zotero/storage/SGNY7WPR/VanderLind - 2017 -
|
||||
Effects of Mental Health on Student Learning.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@article{sinsebox_supervision_2020,
|
||||
title = {Supervision and Evaluation Practices That Impact Teacher Learning: A Case Study of Rural Teachers’ Perspectives},
|
||||
url = {https://fisherpub.sjf.edu/education_etd/474},
|
||||
shorttitle = {Supervision and Evaluation Practices That Impact Teacher Learning},
|
||||
journaltitle = {Education Doctoral},
|
||||
author = {Sinsebox, Jennifer},
|
||||
date = {2020-12-01},
|
||||
file = {"Supervision and Evaluation Practices That Impact Teacher Learning\: A C" by Jennifer L. Sinsebox:/home/lhebendanz/Zotero/storage/HWJMQJ9Z/474.html:text/html},
|
||||
title = {Supervision and Evaluation Practices That Impact Teacher
|
||||
Learning: A Case Study of Rural Teachers’ Perspectives},
|
||||
url = {https://fisherpub.sjf.edu/education_etd/474},
|
||||
shorttitle = {Supervision and Evaluation Practices That Impact
|
||||
Teacher Learning},
|
||||
journaltitle = {Education Doctoral},
|
||||
author = {Sinsebox, Jennifer},
|
||||
date = {2020-12-01},
|
||||
file = {"Supervision and Evaluation Practices That Impact Teacher
|
||||
Learning\: A C" by Jennifer L.
|
||||
Sinsebox:/home/lhebendanz/Zotero/storage/HWJMQJ9Z/474.html:text/html},
|
||||
}
|
||||
|
||||
@inproceedings{halkes_udp_2011,
|
||||
title = {{UDP} {NAT} and firewall puncturing in the wild},
|
||||
volume = {6641},
|
||||
isbn = {978-3-642-20797-6},
|
||||
doi = {10.1007/978-3-642-20798-3_1},
|
||||
abstract = {Peer-to-Peer (P2P) networks work on the presumption that all nodes in the network are connectable. However, {NAT} boxes and
|
||||
firewalls prevent connections to many nodes on the Internet. For {UDP} based protocols, the {UDP} hole-punching technique has
|
||||
been proposed to mitigate this problem.
|
||||
title = {{UDP} {NAT} and firewall puncturing in the wild},
|
||||
volume = {6641},
|
||||
isbn = {978-3-642-20797-6},
|
||||
doi = {10.1007/978-3-642-20798-3_1},
|
||||
abstract = {Peer-to-Peer (P2P) networks work on the presumption
|
||||
that all nodes in the network are connectable. However, {NAT} boxes and
|
||||
firewalls prevent connections to many nodes on the Internet. For
|
||||
{UDP} based protocols, the {UDP} hole-punching technique has
|
||||
been proposed to mitigate this problem.
|
||||
|
||||
This paper presents a study of the efficacy of {UDP} hole punching on the Internet in the context of an actual P2P network.
|
||||
To the best of our knowledge, no previous study has provided similar measurements. Our results show that {UDP} hole punching
|
||||
is an effective method to increase the connectability of peers on the Internet: approximately 64\% of all peers are behind
|
||||
a {NAT} box or firewall which should allow hole punching to work, and more than 80\% of hole punching attempts between these
|
||||
peers succeed.},
|
||||
pages = {1--12},
|
||||
author = {Halkes, Gertjan and Pouwelse, J.A.},
|
||||
date = {2011-06-01},
|
||||
file = {Full Text PDF:/home/lhebendanz/Zotero/storage/VUJQDDIG/Halkes and Pouwelse - 2011 - UDP NAT and firewall puncturing in the wild.pdf:application/pdf},
|
||||
This paper presents a study of the efficacy of {UDP} hole
|
||||
punching on the Internet in the context of an actual P2P network.
|
||||
To the best of our knowledge, no previous study has provided
|
||||
similar measurements. Our results show that {UDP} hole punching
|
||||
is an effective method to increase the connectability of peers on
|
||||
the Internet: approximately 64\% of all peers are behind
|
||||
a {NAT} box or firewall which should allow hole punching to work,
|
||||
and more than 80\% of hole punching attempts between these
|
||||
peers succeed.},
|
||||
pages = {1--12},
|
||||
author = {Halkes, Gertjan and Pouwelse, J.A.},
|
||||
date = {2011-06-01},
|
||||
file = {Full Text
|
||||
PDF:/home/lhebendanz/Zotero/storage/VUJQDDIG/Halkes and Pouwelse -
|
||||
2011 - UDP NAT and firewall puncturing in the wild.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@inproceedings{lackorzynski_comparative_2019,
|
||||
title = {A Comparative Study on Virtual Private Networks for Future Industrial Communication Systems},
|
||||
url = {https://ieeexplore.ieee.org/document/8758010},
|
||||
doi = {10.1109/WFCS.2019.8758010},
|
||||
abstract = {The future industrial networks will not be created from scratch. Rather, they will grow from existing installations without displacing legacy components. The secure integration of these legacy machines and networks will become an important building block in order to realize the vision of Industry 4.0. Secure and high performance virtual private networks ({VPNs}) will be necessary for that purpose.Therefore, we investigated and compared various {VPN} solutions. Their performance was tested on multiple hardware platforms ranging from very resource constrained to very powerful. Non-functional aspects, relating around security, manageability and ease of use, were discussed in order to assess their suitability for future use cases.We arrive at clear recommendations on which software {VPN} solutions to choose for future industrial setups.},
|
||||
eventtitle = {2019 15th {IEEE} International Workshop on Factory Communication Systems ({WFCS})},
|
||||
pages = {1--8},
|
||||
booktitle = {2019 15th {IEEE} International Workshop on Factory Communication Systems ({WFCS})},
|
||||
author = {Lackorzynski, Tim and Köpsell, Stefan and Strufe, Thorsten},
|
||||
urldate = {2026-02-11},
|
||||
date = {2019-05},
|
||||
keywords = {Encryption, Hardware, industrial {IoT}, industrial networks, Industry, Logic gates, network security, Production facilities, secure transport, Software, tunneling, Virtual private networks, {VPN}},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/6Q5SUJX5/Lackorzynski et al. - 2019 - A Comparative Study on Virtual Private Networks for Future Industrial Communication Systems.pdf:application/pdf;Snapshot:/home/lhebendanz/Zotero/storage/PXWNAC6D/8758010.html:text/html},
|
||||
title = {A Comparative Study on Virtual Private Networks for Future
|
||||
Industrial Communication Systems},
|
||||
url = {https://ieeexplore.ieee.org/document/8758010},
|
||||
doi = {10.1109/WFCS.2019.8758010},
|
||||
abstract = {The future industrial networks will not be created from
|
||||
scratch. Rather, they will grow from existing installations without
|
||||
displacing legacy components. The secure integration of these
|
||||
legacy machines and networks will become an important building
|
||||
block in order to realize the vision of Industry 4.0. Secure and
|
||||
high performance virtual private networks ({VPNs}) will be
|
||||
necessary for that purpose.Therefore, we investigated and compared
|
||||
various {VPN} solutions. Their performance was tested on multiple
|
||||
hardware platforms ranging from very resource constrained to very
|
||||
powerful. Non-functional aspects, relating around security,
|
||||
manageability and ease of use, were discussed in order to assess
|
||||
their suitability for future use cases.We arrive at clear
|
||||
recommendations on which software {VPN} solutions to choose for
|
||||
future industrial setups.},
|
||||
eventtitle = {2019 15th {IEEE} International Workshop on Factory
|
||||
Communication Systems ({WFCS})},
|
||||
pages = {1--8},
|
||||
booktitle = {2019 15th {IEEE} International Workshop on Factory
|
||||
Communication Systems ({WFCS})},
|
||||
author = {Lackorzynski, Tim and Köpsell, Stefan and Strufe, Thorsten},
|
||||
urldate = {2026-02-11},
|
||||
date = {2019-05},
|
||||
keywords = {Encryption, Hardware, industrial {IoT}, industrial
|
||||
networks, Industry, Logic gates, network security, Production
|
||||
facilities, secure transport, Software, tunneling, Virtual private
|
||||
networks, {VPN}},
|
||||
file = {PDF:/home/lhebendanz/Zotero/storage/6Q5SUJX5/Lackorzynski
|
||||
et al. - 2019 - A Comparative Study on Virtual Private Networks for
|
||||
Future Industrial Communication
|
||||
Systems.pdf:application/pdf;Snapshot:/home/lhebendanz/Zotero/storage/PXWNAC6D/8758010.html:text/html},
|
||||
}
|
||||
|
||||
@online{noauthor_nat_2026,
|
||||
title = {{NAT} Traversal: How It Works},
|
||||
url = {https://dev.to/alakkadshaw/nat-traversal-how-it-works-4dnc},
|
||||
shorttitle = {{NAT} Traversal},
|
||||
abstract = {{NAT} traversal is the set of techniques that solves this problem: discovering public addresses,...},
|
||||
titleaddon = {{DEV} Community},
|
||||
urldate = {2026-02-11},
|
||||
date = {2026-01-30},
|
||||
langid = {english},
|
||||
file = {Snapshot:/home/lhebendanz/Zotero/storage/UHJQ84AV/nat-traversal-how-it-works-4dnc.html:text/html},
|
||||
title = {{NAT} Traversal: How It Works},
|
||||
url = {https://dev.to/alakkadshaw/nat-traversal-how-it-works-4dnc},
|
||||
shorttitle = {{NAT} Traversal},
|
||||
abstract = {{NAT} traversal is the set of techniques that solves
|
||||
this problem: discovering public addresses,...},
|
||||
titleaddon = {{DEV} Community},
|
||||
urldate = {2026-02-11},
|
||||
date = {2026-01-30},
|
||||
langid = {english},
|
||||
file =
|
||||
{Snapshot:/home/lhebendanz/Zotero/storage/UHJQ84AV/nat-traversal-how-it-works-4dnc.html:text/html},
|
||||
}
|
||||
|
||||
@software{krause_krausestjs-framework-benchmark_2026,
|
||||
title = {krausest/js-framework-benchmark},
|
||||
rights = {Apache-2.0},
|
||||
url = {https://github.com/krausest/js-framework-benchmark},
|
||||
abstract = {A comparison of the performance of a few popular javascript frameworks},
|
||||
author = {Krause, Stefan},
|
||||
urldate = {2026-02-11},
|
||||
date = {2026-02-11},
|
||||
note = {original-date: 2015-12-09T20:10:53Z},
|
||||
title = {krausest/js-framework-benchmark},
|
||||
rights = {Apache-2.0},
|
||||
url = {https://github.com/krausest/js-framework-benchmark},
|
||||
abstract = {A comparison of the performance of a few popular
|
||||
javascript frameworks},
|
||||
author = {Krause, Stefan},
|
||||
urldate = {2026-02-11},
|
||||
date = {2026-02-11},
|
||||
note = {original-date: 2015-12-09T20:10:53Z},
|
||||
}
|
||||
|
||||
@article{leung_overview_2007,
|
||||
title = {An Overview of Packet Reordering in Transmission Control Protocol ({TCP}): Problems, Solutions, and Challenges},
|
||||
volume = {18},
|
||||
issn = {1558-2183},
|
||||
url = {https://ieeexplore.ieee.org/document/4118693},
|
||||
doi = {10.1109/TPDS.2007.1011},
|
||||
shorttitle = {An Overview of Packet Reordering in Transmission Control Protocol ({TCP})},
|
||||
abstract = {Transmission control protocol ({TCP}) is the most popular transport layer protocol for the Internet. Due to various reasons, such as multipath routing, route fluttering, and retransmissions, packets belonging to the same flow may arrive out of order at a destination. Such packet reordering violates the design principles of some traffic control mechanisms in {TCP} and, thus, poses performance problems. In this paper, we provide a comprehensive and in-depth survey on recent research on packet reordering in {TCP}. The causes and problems for packet reordering are discussed. Various representative algorithms are examined and compared by computer simulations. The ported program codes and simulation scripts are available for download. Some open questions are discussed to stimulate further research in this area},
|
||||
pages = {522--535},
|
||||
number = {4},
|
||||
journaltitle = {{IEEE} Transactions on Parallel and Distributed Systems},
|
||||
author = {Leung, Ka-cheong and Li, Victor O.k. and Yang, Daiqin},
|
||||
urldate = {2026-02-16},
|
||||
date = {2007-04},
|
||||
keywords = {{ARPANET}, Communication system control, Computational modeling, Computer simulations of {TCP}, congestion control, flow control, Internet, {IP} networks, Out of order, packet reordering, Routing, Telecommunication network reliability, Traffic control, Transmission Control Protocol ({TCP})., Transport protocols},
|
||||
file = {Snapshot:/home/lhebendanz/Zotero/storage/NEVVLVJL/4118693.html:text/html;Submitted Version:/home/lhebendanz/Zotero/storage/5SQILKLX/Leung et al. - 2007 - An Overview of Packet Reordering in Transmission Control Protocol (TCP) Problems, Solutions, and Ch.pdf:application/pdf},
|
||||
title = {An Overview of Packet Reordering in Transmission Control
|
||||
Protocol ({TCP}): Problems, Solutions, and Challenges},
|
||||
volume = {18},
|
||||
issn = {1558-2183},
|
||||
url = {https://ieeexplore.ieee.org/document/4118693},
|
||||
doi = {10.1109/TPDS.2007.1011},
|
||||
shorttitle = {An Overview of Packet Reordering in Transmission
|
||||
Control Protocol ({TCP})},
|
||||
abstract = {Transmission control protocol ({TCP}) is the most
|
||||
popular transport layer protocol for the Internet. Due to various
|
||||
reasons, such as multipath routing, route fluttering, and
|
||||
retransmissions, packets belonging to the same flow may arrive out
|
||||
of order at a destination. Such packet reordering violates the
|
||||
design principles of some traffic control mechanisms in {TCP} and,
|
||||
thus, poses performance problems. In this paper, we provide a
|
||||
comprehensive and in-depth survey on recent research on packet
|
||||
reordering in {TCP}. The causes and problems for packet reordering
|
||||
are discussed. Various representative algorithms are examined and
|
||||
compared by computer simulations. The ported program codes and
|
||||
simulation scripts are available for download. Some open questions
|
||||
are discussed to stimulate further research in this area},
|
||||
pages = {522--535},
|
||||
number = {4},
|
||||
journaltitle = {{IEEE} Transactions on Parallel and Distributed Systems},
|
||||
author = {Leung, Ka-cheong and Li, Victor O.k. and Yang, Daiqin},
|
||||
urldate = {2026-02-16},
|
||||
date = {2007-04},
|
||||
keywords = {{ARPANET}, Communication system control, Computational
|
||||
modeling, Computer simulations of {TCP}, congestion control, flow
|
||||
control, Internet, {IP} networks, Out of order, packet reordering,
|
||||
Routing, Telecommunication network reliability, Traffic control,
|
||||
Transmission Control Protocol ({TCP})., Transport protocols},
|
||||
file =
|
||||
{Snapshot:/home/lhebendanz/Zotero/storage/NEVVLVJL/4118693.html:text/html;Submitted
|
||||
Version:/home/lhebendanz/Zotero/storage/5SQILKLX/Leung et al. -
|
||||
2007 - An Overview of Packet Reordering in Transmission Control
|
||||
Protocol (TCP) Problems, Solutions, and Ch.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@inproceedings{mcclellan_estimating_2013,
|
||||
title = {Estimating Retransmission Timeouts in {IP}-Based Transport Protocols},
|
||||
author = {{McClellan}, Stan and Peng, Wuxu},
|
||||
date = {2013-04-01},
|
||||
file = {Full Text PDF:/home/lhebendanz/Zotero/storage/9PZP9SVG/McClellan and Peng - 2013 - Estimating Retransmission Timeouts in IP-Based Transport Protocols.pdf:application/pdf},
|
||||
title = {Estimating Retransmission Timeouts in {IP}-Based Transport
|
||||
Protocols},
|
||||
author = {{McClellan}, Stan and Peng, Wuxu},
|
||||
date = {2013-04-01},
|
||||
file = {Full Text
|
||||
PDF:/home/lhebendanz/Zotero/storage/9PZP9SVG/McClellan and Peng -
|
||||
2013 - Estimating Retransmission Timeouts in IP-Based Transport
|
||||
Protocols.pdf:application/pdf},
|
||||
}
|
||||
|
||||
@misc{guo_implementation_2025,
|
||||
title = {Implementation and Performance Evaluation of {TCP} over {QUIC} Tunnels},
|
||||
url = {http://arxiv.org/abs/2504.10054},
|
||||
doi = {10.48550/arXiv.2504.10054},
|
||||
abstract = {{QUIC}, a {UDP}-based transport protocol, addresses several limitations of {TCP} by offering built-in encryption, stream multiplexing, and improved loss recovery. To extend these benefits to legacy {TCP}-based applications, this paper explores the implementation and evaluation of a {TCP} over {QUIC} tunneling approach. A lightweight, stream-based tunnel is constructed using the Rust-based Quinn library, enabling {TCP} traffic to traverse {QUIC} connections transparently. Performance is evaluated under varying network conditions, including packet loss, high latency, and out-of-order delivery. Results indicate that {TCP} over {QUIC} maintains significantly higher throughput than native {TCP} in lossy or unstable environments, with up to a high improvement under 20{\textbackslash}\% packet loss. However, under ideal network conditions, tunneling introduces modest overhead due to encryption and user-space processing. These findings provide insights into the trade-offs of {TCP} over {QUIC} tunneling and its suitability for deployment in dynamic or impaired networks.},
|
||||
number = {{arXiv}:2504.10054},
|
||||
publisher = {{arXiv}},
|
||||
author = {Guo, Xuanhong and Bao, Zekun and Chen, Ying},
|
||||
urldate = {2026-02-16},
|
||||
date = {2025-10-07},
|
||||
eprinttype = {arxiv},
|
||||
eprint = {2504.10054 [cs]},
|
||||
keywords = {Computer Science - Networking and Internet Architecture},
|
||||
file = {Preprint PDF:/home/lhebendanz/Zotero/storage/FXJSBRXL/Guo et al. - 2025 - Implementation and Performance Evaluation of TCP over QUIC Tunnels.pdf:application/pdf;Snapshot:/home/lhebendanz/Zotero/storage/LJ56UH99/2504.html:text/html},
|
||||
title = {Implementation and Performance Evaluation of {TCP} over
|
||||
{QUIC} Tunnels},
|
||||
url = {http://arxiv.org/abs/2504.10054},
|
||||
doi = {10.48550/arXiv.2504.10054},
|
||||
abstract = {{QUIC}, a {UDP}-based transport protocol, addresses
|
||||
several limitations of {TCP} by offering built-in encryption,
|
||||
stream multiplexing, and improved loss recovery. To extend these
|
||||
benefits to legacy {TCP}-based applications, this paper explores
|
||||
the implementation and evaluation of a {TCP} over {QUIC} tunneling
|
||||
approach. A lightweight, stream-based tunnel is constructed using
|
||||
the Rust-based Quinn library, enabling {TCP} traffic to traverse
|
||||
{QUIC} connections transparently. Performance is evaluated under
|
||||
varying network conditions, including packet loss, high latency,
|
||||
and out-of-order delivery. Results indicate that {TCP} over {QUIC}
|
||||
maintains significantly higher throughput than native {TCP} in
|
||||
lossy or unstable environments, with up to a high improvement under
|
||||
20{\textbackslash}\% packet loss. However, under ideal network
|
||||
conditions, tunneling introduces modest overhead due to encryption
|
||||
and user-space processing. These findings provide insights into the
|
||||
trade-offs of {TCP} over {QUIC} tunneling and its suitability for
|
||||
deployment in dynamic or impaired networks.},
|
||||
number = {{arXiv}:2504.10054},
|
||||
publisher = {{arXiv}},
|
||||
author = {Guo, Xuanhong and Bao, Zekun and Chen, Ying},
|
||||
urldate = {2026-02-16},
|
||||
date = {2025-10-07},
|
||||
eprinttype = {arxiv},
|
||||
eprint = {2504.10054 [cs]},
|
||||
keywords = {Computer Science - Networking and Internet Architecture},
|
||||
file = {Preprint PDF:/home/lhebendanz/Zotero/storage/FXJSBRXL/Guo
|
||||
et al. - 2025 - Implementation and Performance Evaluation of TCP
|
||||
over QUIC
|
||||
Tunnels.pdf:application/pdf;Snapshot:/home/lhebendanz/Zotero/storage/LJ56UH99/2504.html:text/html},
|
||||
}
|
||||
|
||||
@report{whitner_improved_2008,
|
||||
title = {Improved Packet Reordering Metrics},
|
||||
url = {https://datatracker.ietf.org/doc/rfc5236},
|
||||
abstract = {This document presents two improved metrics for packet reordering, namely, Reorder Density ({RD}) and Reorder Buffer-occupancy Density ({RBD}). A threshold is used to clearly define when a packet is considered lost, to bound computational complexity at O(N), and to keep the memory requirement for evaluation independent of N, where N is the length of the packet sequence. {RD} is a comprehensive metric that captures the characteristics of reordering, while {RBD} evaluates the sequences from the point of view of recovery from reordering. These metrics are simple to compute yet comprehensive in their characterization of packet reordering. The measures are robust and orthogonal to packet loss and duplication. This memo provides information for the Internet community.},
|
||||
number = {{RFC} 5236},
|
||||
institution = {Internet Engineering Task Force},
|
||||
type = {Request for Comments},
|
||||
author = {Whitner, Rick and Banka, Tarun and Piratla, Nischal M. and Bare, Abhijit A. and Jayasumana, Professor Anura P.},
|
||||
urldate = {2026-02-16},
|
||||
date = {2008-06},
|
||||
doi = {10.17487/RFC5236},
|
||||
note = {Num Pages: 26},
|
||||
file = {Full Text PDF:/home/lhebendanz/Zotero/storage/KM9D625Y/Whitner et al. - 2008 - Improved Packet Reordering Metrics.pdf:application/pdf},
|
||||
title = {Improved Packet Reordering Metrics},
|
||||
url = {https://datatracker.ietf.org/doc/rfc5236},
|
||||
abstract = {This document presents two improved metrics for packet
|
||||
reordering, namely, Reorder Density ({RD}) and Reorder
|
||||
Buffer-occupancy Density ({RBD}). A threshold is used to clearly
|
||||
define when a packet is considered lost, to bound computational
|
||||
complexity at O(N), and to keep the memory requirement for
|
||||
evaluation independent of N, where N is the length of the packet
|
||||
sequence. {RD} is a comprehensive metric that captures the
|
||||
characteristics of reordering, while {RBD} evaluates the sequences
|
||||
from the point of view of recovery from reordering. These metrics
|
||||
are simple to compute yet comprehensive in their characterization
|
||||
of packet reordering. The measures are robust and orthogonal to
|
||||
packet loss and duplication. This memo provides information for the
|
||||
Internet community.},
|
||||
number = {{RFC} 5236},
|
||||
institution = {Internet Engineering Task Force},
|
||||
type = {Request for Comments},
|
||||
author = {Whitner, Rick and Banka, Tarun and Piratla, Nischal M.
|
||||
and Bare, Abhijit A. and Jayasumana, Professor Anura P.},
|
||||
urldate = {2026-02-16},
|
||||
date = {2008-06},
|
||||
doi = {10.17487/RFC5236},
|
||||
note = {Num Pages: 26},
|
||||
file = {Full Text
|
||||
PDF:/home/lhebendanz/Zotero/storage/KM9D625Y/Whitner et al. - 2008
|
||||
- Improved Packet Reordering Metrics.pdf:application/pdf},
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user