removal and success criteria
This commit is contained in:
parent
a9885f35f0
commit
9263feed9d
@ -91,22 +91,6 @@ When the Local Server has a packet it wishes to send outbound, it will place the
|
|||||||
|
|
||||||
Security is an important consideration in this project. Creating a multipath connection and proxies in general can create additional attack vectors, so I will perform a review of some existing security literature for each of these. However, as the tunnel created here transports entire IP packets, any security added by the application or transport layer will be maintained by my solution.
|
Security is an important consideration in this project. Creating a multipath connection and proxies in general can create additional attack vectors, so I will perform a review of some existing security literature for each of these. However, as the tunnel created here transports entire IP packets, any security added by the application or transport layer will be maintained by my solution.
|
||||||
|
|
||||||
The structure of the Wireguard project is also a good fit for this project. The elements are presented as follows:
|
|
||||||
|
|
||||||
\begin{itemize}
|
|
||||||
|
|
||||||
\item To manage the tunnel, a C kernel codebase and a Go user space codebase.
|
|
||||||
|
|
||||||
\item Existing $ip(8)$ and $ifconfig(8)$ tools for the configuration that they can manage.
|
|
||||||
|
|
||||||
\item A $wg(8)$ tool for configuration that can't be handled by existing tools.
|
|
||||||
|
|
||||||
\item A $wg-quick(8)$ tool for persistent configuration.
|
|
||||||
|
|
||||||
\end{itemize}
|
|
||||||
|
|
||||||
Although I only plan to implement a user space codebase as part of this project, I will endeavour to produce the three parts listed above. That is, allowing all configuration that can be handled by the existing tools $ip(8)$ or $ifconfig(8)$ to be completed by them, an additional tool for bespoke configuration elements, and a separate script that uses both of these for persistent configuration.
|
|
||||||
|
|
||||||
Examples are provided showing the path of a packet with standard session based load balancing, and with this solution applied:
|
Examples are provided showing the path of a packet with standard session based load balancing, and with this solution applied:
|
||||||
|
|
||||||
\subsubsection*{Session Based Load Balancing}
|
\subsubsection*{Session Based Load Balancing}
|
||||||
@ -209,6 +193,8 @@ A sample network is provided in Figure \ref{fig:sample-network}.
|
|||||||
|
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
|
|
||||||
|
Although these tests will be performed predominantly on virtual hardware, I will endeavour to replicate some of them in a non-virtual environment, though this will not be a part of the success criteria.
|
||||||
|
|
||||||
\pagebreak
|
\pagebreak
|
||||||
\section*{Timetable and Milestones}
|
\section*{Timetable and Milestones}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user