IPOP/SocialVPN: A Self-Organizing Virtual Network for Wide-Area Environments.

To address the limited availability of public IP (internet protocol) address space, NATs (Network Address Translators) have increasingly been deployed to allow multiple devices to share a single address. This creates a situation where nodes are no longer able to directly address and communicate with peers behind NATs, preventing many existing wide-area applications from being deployed, or requiring application modifications to implement NAT traversal. IPOP is a self-configuring IP-over-P2P virtual network overlay which provides the capability for nodes behind NATs and some firewalls to appear all in the same network space. IPOP is transparent to applications and can be deployed on a variety of operating systems, thus seamlessly integrating with unmodified off-the-shelf software.

Click here for more information about IPOP (http://ipop-project.org) or SocialVPN (http://socialvpn.org)

The key features of IPOP include:

  • Self-configuration - The IPOP process, once started, autonomously connects to the overlay network and acquires an address via DHCP [1],[3]. The handling of DHCP requests is fully decentralized, using a Distributed Hash Table (DHT).
  • Self-healing - IPOP is built on top of the Brunet P2P network overlay, which provides scalable mechanisms for maintaining a routable overlay network in the event of nodes leaving or joining the system.
  • Self-optimizing - IPOP autonomously forms 1-hop Brunet overlay connections between nodes which frequently communicate at the virtual IP layer [2].
  • NAT/Firewall traversal - Brunet supports the ability to traverse NATs such that two nodes behind two different NATs can communicate directly to each other. Brunet uses UDP hole-punching techniques that are completely decentralized.
  • Support for unmodified applications - IPOP presents to wide-area applications a virtual network interface connected to a virtual private network, functionally equivalent to a local-area network environment.
  • Portability - IPOP is a user-level application written in C#; run-time environments for C# (Mono, .NET) are available for several O/Ss. To date, IPOP has been ported to Linux and Windows.

Experiments quantifying overlay link latency/bandwidth, response times to establish 1-hop direct connections and DHCP-over-DHT are presented in [1,2,3]. IPOP has been successfully integrated with virtual machines and Grid middleware to support ad-hoc high-throughput computing systems [4].

[1] Ganguly, A., A. Agrawal, P. Boykin and R. Figueiredo, "IP over P2P: Enabling Self-Configuring Virtual IP Networks for Grid Computing," IPDPS, 2006.
[2] Ganguly, A., A. Agrawal, P. Boykin, R. Figueiredo, "WOW: Self-Organizing Wide Area Overlay Networks of Virtual Workstations," HPDC, 2006.
[3] Ganguly, A., D. Wolinsky, P. Boykin and R. Figueiredo, "Decentralized dynamic host configuration in Wide Area Overlays of Virtual Workstations," PCGrid, March 2007.
[4] Wolinsky, D., A. Agrawal, P. Boykin, J. Davis, A. Ganguly, V. Paramygin, P. Sheng, R. Figueiredo, "On the design of Virtual Machine Sandboxes for Distributed Computing in Wide Area Overlays of Virtual Workstations," VTDC, 2006.
[5] Pierre St Juste, David Wolinsky, P. Oscar Boykin, Michael Covington, and Renato Figueiredo,“SocialVPN: Enabling Wide-Area Collaboration with Integrated Social and Overlay Networks,’ Journal of Computer Networks, Vol. 54, No. 12.

Download the poster here

This material is based upon work supported by the National Science Foundation under Grant No. 0910812, 0855031 and 1127965 (PI: Renato Figueiredo). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.