Thread: Restricting True-P2P traffic to a local network
View Single Post
  #8 (permalink)  
Old January 21st, 2004
LeeWare LeeWare is offline
Valued Member contributor
  
Join Date: August 4th, 2002
Location: Chicago, USA
Posts: 321
LeeWare is a great assister to others; your light through the dark tunnel
Post Gnucleus LAN Solution
Yes, you could in fact use both of the methods you eluded to protect your network from outside connections. However, I am assuming that your subnet is not directly connected to the public Internet. If this is true, you don't need to worry about it.

Even if you're subnet is connected to the public Internet people wishing to connect to your network would have to know the name exactly, they would also have to specify the correct port. Finally, they would also need the Gnucleus client to connect to your network.

Clients that are physically located on the same LAN i.e. Broadcast domain will automatically see the network specified by the first client on the P2P network via the Gnucleus LAN client.

Basically this is how it works. I have approximately 400 machines located in a community based network. 200 machines in one building and 200 machines in another Building.

In Building #1 I create a network called P2P-BLDG I do this by creating a network using the first machine containing the Gnucleus LAN client. Next, I distribute the client to the other 199 computer users. After they start their clients they would have two choices

#1 join an existing network (they will see the name of the network that I created--because the computers are all in the same broadcast domain)

OR

#2 Create a new network yes, you can create multiple networks and the users can select the networks they want to join.

note that all computers in building #1 are on the same subnet 192.168.0.0/24

The computers in Building #2 are on a different subnet.
192.168.1.0/24 Therefore when I distribute the Gnucleus client to those users, they have to specify that they want to connect to IP_ADDRESS and PORT# + NETWORKNAME of the main computer running the P2P-BLDG network.

Each person would have to do this. But there's a solution. To simplify connectivity for the users in Building #2

The first machine that starts in Building #2
creates a network called P2P-GW which will be available to all of the computer in that building/subnet and have the P2P-GW computer establish a connection to the main computer on the network hosting the P2P-BLDG network. Obviously, the two subnets need to be able to reach one another via a router.

BLDG#1 BLDG#2

P2P-BLDG <=router=> P2P-GW
200 users 200 users

hope this helps.
__________________
Lee Evans, President
LeeWare Development
http://www.leeware.com
Reply With Quote