#ls2
/2022/10/17
zzz 0) Hi
zzz Meeting #200
zzz wave your party stuff
eyedeekay <throws confetti>
zzz probably 6 years including #ntcp2 which we didn't number I don't think
zzz anyway
zzz what's on the agenda for today?
zzz ok that will be 1)
zzz 2) orignal proposed going to every-other-week for a while
orignal nothing from my side
zzz ok then
zzz 1) go-i2p
eyedeekay So obviously I was struggling a little bit with Noise, about last Thursday I went ahead and tried something different
eyedeekay I started by taking the handshake functions from NoiseSocket which was an existing implementation of a noise tunnel and adapting them to the go-i2p transport interfaces
eyedeekay Which led to me figuring out the differences between the NoiseSocket handshake and the needs of my "hypothetical unmodded noise transport" thing that I've been doing
eyedeekay Which is that NoiseSocket is client-server and expects that, so what I actually had to do was to refactor it to decide based on whether we're connecting to somebody or somebody is connecting to us, so now I understand the difference between clients and servers and alices and bobs better
eyedeekay But the long and short of it is I think I'm pretty close to actually being able to send a message across it for real
eyedeekay It's still very messy but close to actually doing something
zzz yeah, for sure, you're either alice or bob, and those are very different
zzz and really have to be debugged independently
orignal but if you are Alice you must know Bob's RI
orignal meaning partial netdb implementation
eyedeekay I am using fake ones right now but yes I do have a partial netDb implementation already
zzz we've done this 4 times now. the important thing is looking at the state on each side: eph. and static keys, chaining key, hash, etc
eyedeekay I'm just constructing something that fills up the object
zzz bugs almost always result from some mismatch
eyedeekay Yeah there was a lot of locking elaboration in NoiseSocket that to be perfectly honest hadn't even occurred to me yet but it was very helpful to work from
zzz sure, it's a state machine, so you can only be processing one message at a time
zzz (per socket)
orignal you need to send it in SessionConfirmed
orignal with correct signature etc.
zzz good stuff
eyedeekay orignal you're talking about for when I try and start making connections instead of just defining the sequence of things that happen on a connection, right?
eyedeekay Right now what I've got is noise stuff(Handshake) happening on a socket implementation that almost works so I think I know what you mean
eyedeekay And I'll be trying it soon
zzz anything else on 1) ?
orignal I'm just telling you the scope
orignal if you are trying to connect to a real router
orignal including your own
eyedeekay Nothing else for me
orignal but guys honestly
eyedeekay OK thanks orignal for your help
orignal SSU2 looks much more prospective than NTCP2
zzz what do you mean prospective?
orignal faster, less load
orignal more dpi resistant
zzz sure, but he's having enough trouble with NTCP2. SSU2 is 4x harder
zzz I think he's on the right path
orignal yes he is
orignal but he might want to think about common code for both
zzz we don't want him crying in the corner :)
orignal right now I have spaghetti code
orignal because SSU is too different
eyedeekay That's a good point though, I'm not quite there yet but I think I'll have a better perspective on how to do the common code after I get done with this initial fake transport
orignal from NTCP2 and SSU2
zzz anything else on 1) ?
zzz 2) meeting schedule
orignal I suggest one in two weeks
orignal because not too much to discuss at this point
zzz that's fine by me, for now. Maybe through the end of the year?
zzz or does eyedeekay need every week for go-i2p motivation?
orignal maybe
eyedeekay I'm fine with that, I'll be doing about the same thing every meeting for the rest of the year
orignal up to him
eyedeekay I'm fine with every 2 weeks though, I'll have more to say per meeting is all
orignal me too
zzz of course, never need to wait for a meeting to discuss things.
zzz that's what the channel is here for
zzz ok, so next meeting halloween, oct. 31 ?
orignal yes, fine for me
eyedeekay Pacing might be better
zzz ok, let's try it, can always change back any time
zzz I have a quick 3)
zzz anything else on 2) ?
zzz 3) hole punch
zzz we discussed a few days ago, when I was answering orignal's question about proxy port
zzz I answered the wrong thing
zzz but got me thinking
zzz for symmetric NAT, charlie doesn't know his own port
zzz so port in the relay response block is probably wrong
zzz because each "session" has a different port
orignal Charlie knows it from Bob
orignal it's not necessary however
zzz yeah but when alice gets the hole punch, it won't be from that port
zzz example:
zzz EstablishmentManager: Hole punch source mismatch on OES2 v-9prH [Hash: v-9prHa6MrUcuZN8BQwcJL0xjZm1ujxEQ9TKfn~2Ifw=] lifetime: 96ms Rcv ID: 3860917032206725661 Send ID: -7079722670705281909 OB_STATE_PENDING_INTRO Introducers: {[Hash: 1wSo0ri1tvuStLf-1gBbF-I0s5wvLargiFcFViFtHwM=]=INTRO_STATE_SUCCESS, [Hash: tPcd9GdprLXJWPWUyS-z~5x7Mhv3VZYs1v8jGuUCgPw=]=INTRO_STATE_INIT, [Hash: BpATV4o2-r6~pbHjtleL5Qgo7Wn-5f1N6oGROvxyiEg=
zzz ]=INTRO_STATE_INIT} resp. block: 163.182.172.114:19352 rcvd. from: 163.182.172.114:13226
zzz response block in the hole punch said port 19352
zzz but the hole punch came from port 13226
R4SAS orignal: Charlie will never be able to connect to Alice with proxy. It's the same thing as with NAT
R4SAS proxy will that NAT device
zzz yeah this is not the proxy case.
R4SAS will be *
orignal he will
zzz just regular symmetric NAT
orignal if no symmetric NAT
orignal and it works now
zzz (orignal's proxy question just got me thinking)
orignal both routers behind NAT can connect to each other
zzz SO, anyway, I'm Alice. I sent the Session Request to Charlie to port 13226 (where the hole punch came from)
zzz and it worked
R4SAS proxy server will make external mapping to different outgoing ports
zzz so, my recommendation is, if the hole punch comes from a different port, send the session request to that port instead
zzz (we may or may not have done that for SSU 1, I don't remember)
orignal but how do you know this port?
zzz it's the source port for the hole punch msg
R4SAS you wouldn't know
orignal yes but different from relay response
zzz yes you do
zzz right, different from relay response
orignal if you don't check ports, wouldn't there be room for an attack?
zzz I still check if the from-IP matches the relay response block IP
zzz and I still check if the port is a valid port
orignal I mean why do we even need a relay response then?
orignal ok. IP only
orignal fine then
orignal thank you for the hint
orignal I will take port from HolePunch
zzz so this will allow routers behind symmetric NAT to get incoming connections
orignal great
orignal now, what if Alice is behind symmetric nat?
orignal trying to connect to a router through introducer
zzz alice only? or both alice and charlie?
orignal alice is symmetric nat
orignal bob is just nat
orignal not symmetric
zzz should work fine, right?
orignal sorry not bob
orignal charlie
orignal alice sends her endpoint with wrong port
zzz so alice doesn't get the hole punch, it's blocked by her symmetric nat
zzz alice gets the relay response from bob
zzz and sends session request to charlie as usual
orignal charlie sends HolePunch to that wrong port
zzz doesn't matter, it still opened the port on charlie's firewall
orignal agree
zzz pKWyqn is one router that seems very confused
orignal what's that?
zzz for 89.187.163.198:39261 via 89.187.163.218:39261
zzz sometimes has wrong IP
zzz sometimes wrong port
zzz for 156.146.56.138:39261 via 89.187.163.213:38774
orignal java or i2pd?
zzz might be behind VPN
orignal because I don't update port yet
zzz java
orignal SSU2 through proxy will look more funny
zzz anyway, that's all I have on 3)
orignal great
zzz also, I copied most of prop. 159 to the spec section
orignal I will change the code according to your logic
zzz minus all the QUIC copy-paste and some other stuff
orignal will check
zzz and got the blog post out (finally)
zzz so any more updates I will change in both places, prop. 159 and the spec
zzz that's it from me
zzz anything else for the meeting?
orignal we need more SSU2 routers as usual
zzz we'll have all you need in 5 weeks :)
zzz start planning what costume you will be wearing
zzz thanks everybody