ITS wiki

The Incompatible Timesharing System

ch11

Differences

This shows you the differences between two versions of the page.

ch11 [2015-09-13 14:24] – created victor
ch11 [2021-02-22 16:56] (current) – [Ideas for future work:] victor
Line 15: Line 15:
 The protocol, CHUDP, by default uses UDP port 42042, but this can be configured in case, e.g., that port doesn't pass through your firewall. The protocol, CHUDP, by default uses UDP port 42042, but this can be configured in case, e.g., that port doesn't pass through your firewall.
  
-The code is a (very) stripped-down version of dvlhdh.c and dpimp.c, and includes minimal patches to the makefile and to kn10dev.c. It can be downloaded [[http://victor.se/bjorn/its/ch11.tar.gz|here]]. I would appreciate if you send me an email if you do, e.g. so I have an idea about who to notify about updates.+The code is a (very) stripped-down version of dvlhdh.c and dpimp.c, and includes minimal patches to the makefile and to kn10dev.c. It is now included in [[https://github.com/PDP-10/klh10|the standard klh10]], but an early version can be downloaded [[http://victor.se/bjorn/its/ch11.tar.gz|here]] (updated 2017!). I would appreciate if you send me an email if you do, e.g. so I have an idea about who to notify about updates.
  
 To configure the CH11 device, as a minimum, use To configure the CH11 device, as a minimum, use
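Review bot: the "+" line still links the tarball over plain HTTP (http://victor.se/bjorn/its/ch11.tar.gz) and gives no checksum, so a reader cannot verify what was downloaded. Since the sentence now names the klh10 repository as the place the code lives, make that the recommended source and either publish a hash next to the tarball link or mark the tarball as historical only. The wording is also inconsistent: "an early version" is followed by "(updated 2017!)", and the trailing "send me an email if you do" no longer has a clear referent (the tarball or the klh10 tree).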
Line 24: Line 24:
 It uses the generic Unibus parameters "addr", "br", "vec" etc, plus additional parameters: It uses the generic Unibus parameters "addr", "br", "vec" etc, plus additional parameters:
  
-  ;''chudpport=50043'' :     changes the UDP port used +  ''chudpport=50043''      changes the UDP port used 
-  ;''chip=3131/10.0.1.42:50011'' :     defines a Chaos/IP mapping for Chaos host 3131, which should be contacted at IP 10.0.1.42 at UDP port 50011. You can use hostnames in place of IP addresses, which will use the first address returned by gethostbyname(), if it is an IPv4 address. The port suffix is optional and defaults to 42042. You can define up to 10 such Chaos/IP mappings (without changing the constants in the code). +  ''chip=3131/10.0.1.42:50011''      defines a Chaos/IP mapping for Chaos host 3131, which should be contacted at IP 10.0.1.42 at UDP port 50011. You can use hostnames in place of IP addresses, which will use the first address returned by gethostbyname(), if it is an IPv4 address. The port suffix is optional and defaults to 42042. You can define up to 10 such Chaos/IP mappings (without changing the constants in the code). !! 
 +   
 +(Rather than configuring lots of chip entries, consider using the separate chaosnet bridge program at https://github.com/bictorv/chaosnet-bridge. You could also connect to my Chaosnet which has a central bridge at UP, see https://chaosnet.net for more info).
  
 If a CHUDP packet is received from an unknown host, a Chaos/IP mapping is dynamically added to the table, so return traffic can find its way. This is useful e.g. if you accept connections from other ITSes without static IP addresses. (There is currently no way to avoid potentially filling your table this way.) If a CHUDP packet is received from an unknown host, a Chaos/IP mapping is dynamically added to the table, so return traffic can find its way. This is useful e.g. if you accept connections from other ITSes without static IP addresses. (There is currently no way to avoid potentially filling your table this way.)
  
-To make use of the interface, you need to recompile ITS after defining CHAOSP, MYCHAD, NINDX, and CH11P in SYSTEM;CONFIG (and following the instructions in distrib.its, of course). **See also BEWARE note below**. Don't forget to compile SYSENG;@CHAOS and install as DEVICE;ATSIGN CHAOS. Don't forget to keep names of your friends' ITSes in SYSEN2;MLDEV, SYSENG;@DEV, etc. Patch SYSBIN;FTPS BIN to get your Chaos-mail Received header right. More notes may appear later.+To make use of the interface, you need to recompile ITS after defining CHAOSP, MYCHAD, NINDX, and CH11P in ''SYSTEM;CONFIG'' (and following the instructions in distrib.its, of course). **See also BEWARE note below**. Don't forget to compile ''SYSENG;@CHAOS'' and install as ''DEVICE;ATSIGN CHAOS''. Don't forget to keep names of your friends' ITSes in ''SYSEN2;MLDEV''''SYSENG;@DEV'', etc. Patch ''SYSBIN;FTPS BIN'' to get your Chaos-mail Received header right. More notes may appear later.
  
 Make sure your firewall lets the UDP traffic through. Make sure your firewall lets the UDP traffic through.
  
-I would appreciate very much to get feedback and testing, especially from people who actually *know* how the original interface was supposed to act. I've discovered many things by reading SYSTEM;CHAOS and by testing locally, but I can't say I know exactly how it *should* work...+I would appreciate very much to get feedback and testing, especially from people who actually *know* how the original interface was supposed to act. I've discovered many things by reading ''SYSTEM;CHAOS'' and by testing locally, but I can't say I know exactly how it *should* work...
  
 ===== *BEWARE* ===== ===== *BEWARE* =====
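Review bot: the rewritten chip= line ends in a stray "!!", and the MLDEV sentence lost its separator and now reads ''SYSEN2;MLDEV''''SYSENG;@DEV''; drop the "!!" and restore the ", " between the two file names. In the added parenthetical, "a central bridge at UP" is not explained anywhere in the visible text, so spell it out or link it, and move the final period outside the closing bracket. The unchanged paragraph right after it still says there is no way to avoid filling the table with dynamic entries; if recommending the bridge is meant to address that, say so explicitly, otherwise readers will assume it does.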
Line 51: Line 53:
  
  
-  ;2005-04-23 +  2005-04-23: Fixed a long-standing bug in dynamic CHUDP handling. Chapter 7 in AIM 628 doesn't give much (and doesn't always match the code in SYSTEM;CHAOS). 
-   Fixed a long-standing bug in dynamic CHUDP handling. Chapter 7 in AIM 628 doesn't give much (and doesn't always match the code in SYSTEM;CHAOS).  +  2005-03-08: Found my old copy of MIT A.I. Memo 628: Chaosnet by David Moon. At some point I'll go through the code and clean things up, add missing functionality, etc. 
-  ;2005-03-08 +  2005-02-09: Fixed silly typo in lost count handling. 
-   Found my old copy of MIT A.I. Memo 628: Chaosnet by David Moon. At some point I'll go through the code and clean things up, add missing functionality, etc.  +  2005-01-31: Finally got the interrupt handling and synchronization right. Along the way, 
-  ;2005-02-09 +     *      implemented "lost count" in CSR 
-   Fixed silly typo in lost count handling.  +     *      added basic routing support (if DPCHUDP_DO_ROUTING is non-zero): if a packet is sent to DEFAULT_CHAOS_ROUTER (default 03040) or to another subnet, look up header destination in CHIP table, and if found, send it there (after updating forwarding count, trailer destination, and checksum). If the destination is not found, but a host on the same subnet is found, send it there and hope for the best (currently it will be dropped). Anyway, it now works to have ITSes on different subnets, as long as the CH11 knows about it.  
-  ;2005-01-31 +  2005-01-29: Avoid race condition, handle CSR bits better. dpchudp is still receiving short packets from dvch11 which dvch11 doesn't detect sending - reason unknown, the packets are ignored, and the device "works", but I'd like to fix it anyway. 
-   Finally got the interrupt handling and synchronization right. Along the way, +  2005-01-25: Enable interrupts correctly (handle %CAREN/%CATEN in the right order). 
-  *      implemented "lost count" in CSR +  2005-01-24: Avoid auto-retransmissions (check ch_outactf before sending anything). 
-  *      added basic routing support (if DPCHUDP_DO_ROUTING is non-zero): if a packet is sent to DEFAULT_CHAOS_ROUTER (default 03040) or to another subnet, look up header destination in CHIP table, and if found, send it there (after updating forwarding count, trailer destination, and checksum). If the destination is not found, but a host on the same subnet is found, send it there and hope for the best (currently it will be dropped). Anyway, it now works to have ITSes on different subnets, as long as the CH11 knows about it.  +  2005-01-23:  
- +    *      Minor portability fixes (after porting to Solaris/Sparc). 
-  ;2005-01-29 +    *      Checksum now checked in dpimp. 
-   Avoid race condition, handle CSR bits better. dpchudp is still receiving short packets from dvch11 which dvch11 doesn't detect sending - reason unknown, the packets are ignored, and the device "works", but I'd like to fix it anyway.  +    *      Dynamic entries in CHIP table are refreshed if it's more than 5 minutes since last reception from that address. 
-  ;2005-01-25 +    *      Front-end command: dev chaos chiptable to show current contents of CHIP table.  
-   Enable interrupts correctly (handle %CAREN/%CATEN in the right order).  +  2005-01-19: First release.
-  ;2005-01-24 +
-   Avoid auto-retransmissions (check ch_outactf before sending anything).  +
-  ;2005-01-23 +
-  +
-  *      Minor portability fixes (after porting to Solaris/Sparc). +
-  *      Checksum now checked in dpimp. +
-  *      Dynamic entries in CHIP table are refreshed if it's more than 5 minutes since last reception from that address. +
-  *      Front-end command: dev chaos chiptable to show current contents of CHIP table. +
- +
-  ;2005-01-19 +
-   First release. +
  
 ===== Ideas for future work: ===== ===== Ideas for future work: =====
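Review bot: the nested bullets under 2005-01-31 are indented five spaces while those under 2005-01-23 use four, so the two sub-lists are not marked up the same way; pick one indentation for both. The 2005-01-23 entry also has nothing after its colon except trailing whitespace, and the 2005-04-23 entry leaves SYSTEM;CHAOS unquoted although the previous hunk wraps ITS file names in ''...''. Apart from that the conversion keeps every date and entry text from the removed definition list, which is what a pure formatting change should do.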
Line 83: Line 74:
   *  Setting to only accept dynamic ip/port for specific chaos addresses. (Allow for future authentication extension?)   *  Setting to only accept dynamic ip/port for specific chaos addresses. (Allow for future authentication extension?)
   *  Dynamic setting for chip table ttl.   *  Dynamic setting for chip table ttl.
-  *  Better routing support.+  *  Better routing support (fixed by [[https://github.com/bictorv/chaosnet-bridge|the Chaosnet bridge program]])
   *  Implement loopback (not LUP, but Chaos pkts to self). Currently they are in practice dropped. I'm not sure ITS handles this very well anyway.   *  Implement loopback (not LUP, but Chaos pkts to self). Currently they are in practice dropped. I'm not sure ITS handles this very well anyway.
-  *  Chaos broadcast can easily be implemented by UDP broadcast, but it's probably not very useful. Another implementation would be to send (individually) to all known hosts (in the CHIP table) on the same subnet, but this is probably not very useful either. (Does any ITS program do broadcast?+  *  Use DNS to find Chaos addresses - see [[https://chaosnet.net/|more info here]].
-  *  Use DNS to find Chaos addresses.+
   *  More CHUDP protocol functions?   *  More CHUDP protocol functions?
   *  Security: while ITS with PANDA/PWORD may keep malicious people out, there are gaping holes once you have Chaosnet access. If dynamic CHIP entries are allowed, anyone can come up with a random Chaos address and read/write your system over MLDEV. Possible improvements:   *  Security: while ITS with PANDA/PWORD may keep malicious people out, there are gaping holes once you have Chaosnet access. If dynamic CHIP entries are allowed, anyone can come up with a random Chaos address and read/write your system over MLDEV. Possible improvements:
-    *    Let MLSLV check that the chaos address translates to an ITS name in the ITSNMS table.+    * Use the TLS link type in [[https://github.com/bictorv/chaosnet-bridge|the Chaosnet bridge program]] 
 +    *    Let MLSLV check that the chaos address translates to an ITS name in the ITSNMS table (or implement a cbridge-based firewall)
     *  Verify CHIP enties by checking that DNS entries for CH and IN classes match. This doesn't work for Chaos nodes with dynamic IP addresses (which is what it's supposed to support).     *  Verify CHIP enties by checking that DNS entries for CH and IN classes match. This doesn't work for Chaos nodes with dynamic IP addresses (which is what it's supposed to support).
-    *    Add a cryptographic handshake to the CHUDP protocol. PKS key distribution using DNS? When UDP port changes (e.g. due to NAT), renegotiate. (When a non-authenticated CHUDP pkt arrives, send a challenge back.) 
-  *  Chaosnet library for Linux/Unix??? "Chaosnet interface server" in Java? 
- 
  
 +See [[https://github.com/bictorv/chaosnet-bridge|the Chaosnet bridge program]] if you want to use Chaosnet in Linux/Unix
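Review bot: in the Security item, the cryptographic-handshake idea for CHUDP is deleted and "Use the TLS link type" in the bridge is added, but the unchanged lead sentence still says that with dynamic CHIP entries anyone can pick a random Chaos address and reach MLDEV. State whether TLS in the bridge is meant to replace authentication in CHUDP itself, and note that it only helps when traffic actually goes through the bridge; a CH11 that still accepts dynamic CHUDP entries directly stays exposed as described, and the first item of this hunk (restricting dynamic ip/port to specific chaos addresses) is still open. Smaller points: the new TLS bullet uses different spacing after "*" than its siblings, the broadcast item is dropped without a replacement or a reason, "enties" in the neighbouring line could be fixed while here, and the added closing sentence lacks its final period.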
ch11.1442147068.txt.gz · Last modified: 2015-09-13 14:24 by victor