171 lines
6.1 KiB
TeX
171 lines
6.1 KiB
TeX
\chapter{Motivation} % Main chapter title
|
|
|
|
\label{Motivation}
|
|
|
|
This thesis emerged from two interconnected research directions.
|
|
The initial focus was the Clan deployment framework,
|
|
which leverages Nix and NixOS to eliminate
|
|
entire classes of errors prevalent in contemporary infrastructure deployment.
|
|
By doing so, Clan reduces operational overhead to a degree
|
|
where a single administrator can reliably self-host
|
|
complex distributed services at scale.
|
|
|
|
During the development of the Clan framework,
|
|
which depends heavily on overlay VPNs for secure peer connectivity,
|
|
a recurring challenge became apparent:
|
|
practitioners held divergent preferences for mesh VPN solutions,
|
|
each citing different edge cases where their chosen VPN
|
|
proved unreliable or lacked essential features.
|
|
These discussions, however, were largely grounded in anecdotal evidence
|
|
rather than systematic evaluation.
|
|
This observation revealed a clear need for
|
|
rigorous, evidence-based comparison of Peer-to-Peer overlay VPN implementations.
|
|
|
|
However, existing research on benchmarking peer-to-peer overlay networks
|
|
remains sparse.
|
|
One notable work from 2024, ``Full-mesh VPN performance evaluation
|
|
for a secure edge-cloud continuum'' \cite{kjorveziroski_full-mesh_2024},
|
|
benchmarks a subset of available overlay VPNs but focuses primarily
|
|
on solutions with a central point of failure.
|
|
In contrast, this thesis evaluates more widely adopted VPNs
|
|
with an emphasis on fully decentralized architectures.
|
|
Furthermore, that study relied exclusively on iperf3 for performance measurement,
|
|
whereas our benchmark suite includes additional real-world workloads
|
|
to better reflect practical usage patterns.
|
|
|
|
A further motivation for this work was to create a fully automated
|
|
benchmarking framework capable of generating a public leaderboard,
|
|
similar in spirit to the js-framework-benchmark
|
|
(see Figure~\ref{fig:js-framework-benchmark}).
|
|
By providing an accessible web interface with regularly updated results,
|
|
we hope to encourage P2P VPN developers to optimize their implementations
|
|
in pursuit of top rankings.
|
|
|
|
\begin{figure}[H]
|
|
\centering
|
|
\includegraphics[width=1\textwidth]{Figures/krause-js-framework.png}
|
|
\caption{js-framework-benchmark results for Chrome 144.0
|
|
\cite{krause_krausestjs-framework-benchmark_2026}}
|
|
\label{fig:js-framework-benchmark}
|
|
\end{figure}
|
|
|
|
\subsection{The Case for Decentralized Self-Hosting}
|
|
|
|
The need for reliable overlay VPNs extends beyond the Clan project.
|
|
Peer-to-peer architectures underpin a wide range of modern systems---from
|
|
IoT edge computing to content delivery networks and blockchain platforms
|
|
like Ethereum---enabling censorship-resistant, fault-tolerant infrastructure
|
|
by eliminating single points of failure \cite{shukla_towards_2021}.
|
|
|
|
However, realizing these benefits requires distributing nodes across
|
|
diverse hosting entities.
|
|
In practice, this diversity remains elusive:
|
|
Amazon, Hetzner, and OVH collectively host 70\% of all Ethereum nodes
|
|
(see Figure~\ref{fig:ethernodes_hosting}),
|
|
concentrating nominally decentralized infrastructure within
|
|
a handful of providers subject to common regulatory jurisdictions.
|
|
|
|
\begin{figure}[H]
|
|
\centering
|
|
\includegraphics[width=1\textwidth]{Figures/ethernodes_hosting.png}
|
|
\caption{Distribution of Ethereum nodes hosted by various providers
|
|
\cite{noauthor_isps_nodate}}
|
|
\label{fig:ethernodes_hosting}
|
|
\end{figure}
|
|
|
|
This centralization persists because self-hosting remains prohibitively complex.
|
|
Key challenges include:
|
|
|
|
\begin{itemize}
|
|
\item \textbf{Network Connectivity:}
|
|
NAT traversal, dynamic IP addresses, and firewall configurations
|
|
require technical workarounds such as port forwarding, relay servers,
|
|
or Dynamic DNS services.
|
|
|
|
\item \textbf{Security:}
|
|
Operators must secure data in transit, authenticate connections,
|
|
and defend against attacks---responsibilities that cloud providers
|
|
typically abstract away.
|
|
|
|
\item \textbf{Reliability:}
|
|
Ensuring data durability, maintaining uptime during hardware failures
|
|
or power outages, and handling peer churn in dynamic networks
|
|
demand continuous attention.
|
|
|
|
\item \textbf{Operational Overhead:}
|
|
System administration tasks---updates, troubleshooting, configuration
|
|
management---present a steep learning curve for non-technical users.
|
|
\end{itemize}
|
|
|
|
The Clan project addresses these barriers by making self-hosting
|
|
as straightforward as using a cloud provider.
|
|
As illustrated in Figure~\ref{fig:vision-stages}, Clan envisions
|
|
a web interface that enables users to design and deploy private P2P networks
|
|
with minimal configuration, assisted by an integrated LLM
|
|
for contextual guidance and troubleshooting.
|
|
|
|
\begin{figure}[h!]
|
|
\centering
|
|
|
|
% Row 1
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage1.png}
|
|
\caption{Stage 1}
|
|
\end{subfigure}
|
|
\hfill
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage2.png}
|
|
\caption{Stage 2}
|
|
\end{subfigure}
|
|
|
|
\vspace{1em} % Add spacing between rows
|
|
|
|
% Row 2
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage3.png}
|
|
\caption{Stage 3}
|
|
\end{subfigure}
|
|
\hfill
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage4.png}
|
|
\caption{Stage 4}
|
|
\end{subfigure}
|
|
|
|
\vspace{1em} % Add spacing between rows
|
|
|
|
% Row 3
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage5.png}
|
|
\caption{Stage 5}
|
|
\end{subfigure}
|
|
\hfill
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage6.png}
|
|
\caption{Stage 6}
|
|
\end{subfigure}
|
|
|
|
\vspace{1em} % Add spacing between rows
|
|
|
|
% Row 4
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage7.png}
|
|
\caption{Stage 7}
|
|
\end{subfigure}
|
|
\hfill
|
|
\begin{subfigure}{0.45\textwidth}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{Figures/vision/stage8.png}
|
|
\caption{Stage 8}
|
|
\end{subfigure}
|
|
|
|
\caption{Visionary Webinterface to Setup a Clan Family Network}
|
|
\label{fig:vision-stages}
|
|
\end{figure}
|