How it works
Each p2p instance creates a virtual network interface (TUN/TAP) and starts a network traffic listener.
To find other network participants, p2p uses a unique string provided at startup with the -hash argument. This string is sent to the DHT servers, which respond with a list of known peers (IDs) that use the same hash. The DHT server also assigns a unique ID to this particular instance.
Before establishing a connection with other peers, p2p requests their IPs from the DHT. When the IPs are received, p2p tries a direct connection with the peer over LAN if one of the received IP addresses falls within the network of an interface available on the system. For example, if we have an interface with the assigned IP 192.168.0.100 and one of the peers has an IP in the same network, p2p will try to establish this connection first. If a local connection is not possible, p2p will try to establish a connection over the internet.
When one or both peers are behind NAT, the peer requests a traffic forwarding server (proxy) from the DHT by sending a special command. The DHT responds with the IP address of such a server and notifies the unreachable peer that it should establish a connection with this proxy too. Then both peers connect to this proxy and handshake with it. If both peers successfully connect to the proxy, they try to handshake with each other.
The handshake message is encrypted with a private key, which should be provided when the instance starts. If p2p can decrypt and understand the handshake message, it considers the connecting peer to be online. The handshake message contains the MAC address of the virtual interface and its assigned IP.
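The handshake check described above, as an added Go example that is not p2p's own code. It assumes AES-256-GCM keyed by SHA-256 of the startup secret (the page does not name the cipher) and a 10-byte payload of MAC plus IPv4 address; `newAEAD`, `Seal` and `Open` are hypothetical names. With an authenticated cipher, "can decrypt and understand" becomes a strict check: a wrong key or a modified message is rejected instead of yielding a garbage MAC and IP.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"net"
)

// newAEAD turns the shared secret into AES-256-GCM. Assumption: SHA-256 as the
// key derivation and GCM as the cipher; the page does not name p2p's algorithm.
func newAEAD(secret string) cipher.AEAD {
	key := sha256.Sum256([]byte(secret))
	block, _ := aes.NewCipher(key[:]) // cannot fail: key is always 32 bytes
	aead, _ := cipher.NewGCM(block)
	return aead
}

// Seal encrypts the handshake payload: 6-byte MAC followed by the IPv4 address.
func Seal(mac net.HardwareAddr, ip net.IP, secret string) ([]byte, error) {
	ip4 := ip.To4()
	if len(mac) != 6 || ip4 == nil {
		return nil, fmt.Errorf("need a 6-byte MAC and an IPv4 address")
	}
	aead := newAEAD(secret)
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	plain := append(append([]byte{}, mac...), ip4...)
	return aead.Seal(nonce, nonce, plain, nil), nil // nonce || ciphertext || tag
}

// Open returns MAC and IP only if msg authenticates under secret.
func Open(msg []byte, secret string) (net.HardwareAddr, net.IP, error) {
	aead := newAEAD(secret)
	n := aead.NonceSize()
	if len(msg) < n {
		return nil, nil, fmt.Errorf("handshake too short")
	}
	plain, err := aead.Open(nil, msg[:n], msg[n:], nil)
	if err != nil || len(plain) != 10 {
		return nil, nil, fmt.Errorf("handshake rejected")
	}
	return net.HardwareAddr(plain[:6]), net.IP(plain[6:]), nil
}

func main() { fmt.Println(Open([]byte("constructed junk"), "constructed-key")) }
```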
From now on, the operating system routes every network packet sent to this assigned IP to the previously created interface. p2p extracts the headers from the ARP packet and creates a new ARP response packet that contains the peer's MAC address. The operating system then sends packets to this MAC address, and the p2p daemon handles them: they are encrypted and encapsulated into the internal p2p packet format.