Luis/clan-master-thesis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

several fixups discussed on tuesday

Browse Source
This commit is contained in:
Qubasa
2026-03-06 17:34:41 +01:00
parent c168a1b441
commit b6ac4e20bf
5 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
Chapters/Background.tex Normal file
View File

@@ -0,0 +1,44 @@
\chapter{Background} % Main chapter title
\label{Background}
\subsection{Nix: A Safe and Policy-Free System for Software Deployment}
Nix addresses significant issues in software deployment by utilizing
cryptographic hashes to ensure unique paths for component instances
\cite{dolstra_nix_2004}. Features such as concurrent installation of
multiple versions, atomic upgrades, and safe garbage collection make
Nix a flexible deployment system. This work uses Nix to ensure that
all VPN builds and system configurations are deterministic.
\subsection{NixOS: A Purely Functional Linux Distribution}
NixOS extends Nix principles to Linux system configuration
\cite{dolstra_nixos_2008}. System configurations are reproducible and
isolated from stateful interactions typical in imperative package
management. This property is essential for ensuring identical test
environments across benchmark runs.
\subsection{UDP NAT and Firewall Puncturing in the Wild}
Halkes and Pouwelse~\cite{halkes_udp_2011} measure UDP hole punching
efficacy on a live P2P network using the Tribler BitTorrent client.
Their study finds that 79\% of peers are unreachable due to NAT or
firewall restrictions, yet 64\% reside behind configurations amenable
to hole punching. Among compatible peers, over 80\% of puncturing
attempts succeed, establishing hole punching as a practical NAT
traversal technique. Their timeout measurements further indicate that
keep-alive messages must be sent at least every 55 seconds to maintain
open NAT mappings.
These findings directly inform the evaluation criteria for this thesis.
All mesh VPNs tested rely on UDP hole punching for NAT traversal;
the 80\% success rate sets a baseline expectation, while the 55-second
timeout informs analysis of each implementation's keep-alive behavior
during source code review.
\subsection{An Overview of Packet Reordering in TCP}
TODO \cite{leung_overview_2007}
\subsection{Performance Evaluation of TCP over QUIC Tunnels}
TODO \cite{guo_implementation_2025}