Slashdot Mirror
Gnutella2 Specifications
An anonymous reader writes "After lots of heated debate regarding Gnutella2, (first story and more recent story), the specifications have finally been released. There is a mirror here. Let the debates begin."
← Back to Stories (view on slashdot.org)
I can use this to share all my Linux warez with impunity!! Ha ha GPL take that! I'm sharing and there's nothing you can do about it!! NOTHING!
Slashdot the specs so nobody can develop clients! That's absolute genius. I wonder how much Hilary Rosen is paying Taco for this? ;)
using namespace slashdot;
troll::post();
For those of you who don't want to pop over to the site. Or if it get's slashdotted (which would be odd).
What is Gnutella2?
Gnutella2 is a modern and efficient peer-to-peer network standard and architecture designed to provide a solid foundation for distributed global services such as person to person communication, data location and transfer and other future services.
Why is it needed?
Peer to peer technologies have become mainstream over recent years, and there are already a significant number of P2P networks in various stages of development and operation.
How does yet another network help?
Gnutella2 is unique amongst the currently operating peer to peer networks in several important ways:
* Many of the most successful networks are "closed", owned by a single entity with restrictions or fees constituting a barrier to participation. This is not a viable model for an open, general purpose network. Gnutella2 is an open architecture where anyone is welcome to participate and contribute. The network has been designed to allow such diversity without the need for messy hacks or compromises in integrity.
* The majority of networks are devoted to a single purpose, often the sharing of files. This is certainly a popular application for peer to peer technology, but it is by no means the only application. Gnutella2 is designed as a general purpose network which can be used as a solid foundation for any number of different peer to peer applications - vanilla file sharing, communications tools or other ideas which are yet to be conceived.
* Some peer to peer networks have been developed with similar general purpose goals, however they have been unable to compete in the most popular application of the day, which is file sharing. For a general purpose network to succeed, it must be able to compete with purpose-specific networks in the most popular purpose. Gnutella2 is not only able to compete with the current popular file sharing specific networks, it outperforms them.
What About "Old Gnutella"?
The original "Gnutella" was created several years ago as a very simple, single vendor file-sharing specific network. Its simplicity made it a popular platform for file sharing application developers; however this simplicity also critically limited its effectiveness. As a result, competing file-sharing specific networks slowly but surely took over as the tools of choice as Gnutella users became frustrated with poor performance and turned elsewhere.
The original Gnutella[1] network was designed for a very limited purpose and, despite many changes over the years, remains limited today. Efforts to make it a better file sharing network continue with mixed success.
Gnutella2 shares the "Gnutella" name, striving to create the network that Gnutella should have been from the beginning. It shares the adopted ideals of openness and cooperation, but offers a fresh start that was sorely needed. The crippling limitations of the old network have been left behind and replaced with an entirely new network architecture ready to grow and develop through the creative efforts of many.
What is the Scope of Gnutella2?
The single name "Gnutella2" really refers to two separate components: Gnutella2 the Standard and Gnutella2 the Network.
The Gnutella2 Network is perhaps the most easily recognised component. It is a new high-performance peer to peer network architecture upon which a variety of distributed applications can be built, such as file sharing applications, communication tools, etc.
The Gnutella2 Standard is a set of requirements for building applications which operate on the Gnutella2 network in different capacities. It specifies the minimum compliance level required to be recognised as a Gnutella2-compatible application. Compliance with a Gnutella2 Standard ensures participating applications provide a minimum acceptable level of service to other network participants.
Two questions:
1. Can this version prevent abuse from folks that try to flood the system with bogus or damaged files?
2. Will this version enable people to download anonymously?
Common Gnutella2 Standard (All Applications)
All applications making use of Gnutella2 technology for any application class MUST IMPLEMENT the following core features:
* Bidirectional TCP stream connections
(stream compression OPTIONAL)
* Bidirectional reliable UDP protocol
(Gnutella2 reliability layer and stateless compression REQUIRED)
* HTTP-style link negotiation, exchanging at least the required headers
* Gnutella2 protocol support, graceful handling of unknown trees
* Localised, UTF-8 and UNICODE decode REQUIRED, encoding to each optional
* Operation in LEAF mode, additional node states OPTIONAL
* Basic link handshaking and maintenance functionality (PI/PO/LNI/KHL)
* Global node addressing scheme and routing maintenance, addressing children (TO)
* Reverse (PUSH) connection response (connecting out)
* HTTP/1.1 client and server for peer to peer transactions
Gnutella2 Standard for File Sharing
Applications making use of Gnutella2 technology for file sharing MUST IMPLEMENT the following features:
* All of the COMMON features listed in the previous section
* Operation in LEAF mode, additional node states OPTIONAL
* Some form of bandwidth management scheme to keep network and transfer bandwidth below 95% of the user's link capacity - be it manually configured or some automatic scheme (very important to avoid flooding local connection)
* SHA1 and TIGER ROOT URNs for all shared objects
* XML metadata using existing schemas where appropriate (manual entry and peer acquired at minimum, automatic local collection highly recommended, service lookup optional)
* Universal 1-bit query hash filter, at least 2^20 length, intelligent density management scheme (superset combination required if supporting hub mode)
* Gnutella2 object search mechanism, all client responsibilities and if supporting hub mode, server responsibilities too
* Local search processing including simple query language (Boolean operations, quoted search terms, numeric range searches, interest flagging (I), local rule-based metadata searching)
* Extensible hit format (URN/DN/MD/URL are REQUIRED, all other extensions OPTIONAL)
* HTTP/1.1 based upload system, URN based requesting, partial content requests, active queuing, partial file uploading, timestamp protected alternate source cache and exchange
* Tiger Tree volume calculation on shared files, caching on downloads, exchange via DIME. Local corruption detection OPTIONAL but recommended.
This, hopefully, will be the "re-birth" of Gnutella, or at least of a new open free P2P protocol. And the fact that this protocol looks to be, and pretty much is, the most technical, feature rich and advanced protocol currently out is fantastic. I can't wait until someone adds an "Anonymous layer".
/.'d, here is a URI (need Shareaza to download it).
U 3A FICBDU&dn=Gnutella2%20Specs%20Draft.htm
No word yet if any of the classic Gnutella clients (such as BearShare, Limewire etc.) will be adopting Gnutella2 at all (although Gnucleus has vowed to in the future). However, there are some that are open source/GPL'd, such as GTK for *NIX, Aquisition for OSX or Limewire in Java.
Incase the specs get
magnet:?xt=urn:bitprint:PMKP57E2TXFI2Z37M3A7CJ2
1. There is a rating system that can help but not prevent this.
2. No.
It is "Mike's Protocol", as mentioned at the interview linked to from the previous post.
For instance pretend for a second that Linus did not have the copyright for the Linux name and a coder or better yet Michael Robertson registered the domain name Linux3.com and marketed a new kernel as an official version of the Linux kernel by Linus and pushed it as the latest and greatest version of Linux.
GNUTELLA CONNECT/0.6
Listen-IP: 1.2.3.4:6346
Remote-IP: 6.7.8.9
User-Agent: Shareaza 1.8.2.0
Accept: application/x-gnutella2
X-Ultrapeer: False
The Remote-IP header contains the IP address from which the remote host is connecting. This allows a remote host operating through some kind of network address translation system to learn its effective external address.
The Local-IP header contains the IP address and port number that the local host is listening for inbound TCP connections on. It should be listening for UDP datagrams on the same port. The format of this header is "IP:PORT", eg "1.2.3.4:6346".
Can you say DDoS? Would be fun and easy to get an entire network of gnutella clients to respond to one ip.
While refining the original protocol is all well and good, why not look towards intergration with other open networks now?
I've used em all, as they say, and while no one client is best for all applications I'd say the Emule development is damn close. Since it's Open Source and there are several main "production" versions from different groups plus individual modders putting out even more versions on the cutting edge of development. The best code gets quickly integrated all the way from the edge to the trunk, I've had my eye on their mod forums as well as the latest emule 27a thru 27c releases and things are really moving towards another great milestone release.
With the integration of Overnet support into EMule it now has the best of both worlds, with both public servers and client to client directories. Plus with weblink sites making it easy to find and add known good files to your queue, by batches if needed, it gives the end user the complete experiance of a mature tech.
At least Gnutella is open and may actually end up moving in this direction, I'm disappointed in hearing that the upcomming WinMX will still be closed, both their client and their network really have some good features but in the P2P world closed is death IMHO. As for me, I'll be waiting for the latest 27c EMule as modded by Sivka, my personal favorite at this time.
Jonah Hex
Horror & SciFi Erotic Nudes
Sorry, I'm new to this Gnutella2/Gnutella battle.
If Mike really did use the Gnutella name without permission, why doesn't someone sue him? These "products" are far too similar to be called by such similar names. For example, I'd get my ass sued if I made a new operating system and called it 'Linux2'. Unholster the IANAL's and tell me why. Or even better, get a real lawyer to tell me why.
Otherwise, stop bitching about the fact he's using the name if you aren't going to do anything about it.
----- rL
To be more to the point -- this is NOT Gnutella. The Gnutella developers are not happy about the so-called "Gnutella" 2 since it goes against their wishes in many ways. Basically this one individual hijacked the name to push his own ideas.
...
From the last story it's pretty damned clear that "Gnutella" 2 is not going to be a particularly helpful or effective protocol. As someone who uses the real Gnutella (sometimes even for perfectly legit purposes) and thinks it works, I'll stick to the real Gnutella. It keeps getting better
simon
home page
1) Shareaza works reasonably well though the lack of a usefull anti leech
mechanism is a drawback. A leaf and hub architecture is a reasonable compromise,
it usually dosn't allow searching of the whole network.
A distributed hash table architecture would allow global search but DHT is
vulnerable to an attacker with modest resources flooding the search space with
junk.
2)I'm interested in the reliable communiaction over UDP part of the protocol.
Two peers, neither of whom accept incoming connections due to connection sharing
or firewalling can't exchange files with any current p2p software.
I'm a bit surprised that no p2p project has tried to do UDP connection splicing
to allow two peers, both behind internet connection sharing (NAT) to talk to
each other. It not be possible but I havn't come across anyone who has tried at all.
It dosn't have to work for everyone to be usfull. Just allowing 10% of
NATed hosts to communicate would be worth the effort.
NAT routers usually allow outgoing UDP connections, normally the remote
machine will be listening on a UDP prt (most common use is port 53 for domain
name lookups. The local computer sends out a packet with a unique local port
number (sequentially or randomly assigned) and a remote port of 53.
When a UDP reply arrives from the internet, it also has a remote port number
of 53 and the chosen local port number. The connection sharing machine
looks at the local port number and compares it to a table of known connections.
If it matches an entry it knows which of the computers behind the NAT
it is intended for and forwards it.
In theory, if two NATed hosts send out UDP packets at the same time, using
the same port numbers the connection will penetrate the NATs. It requires the
help of another machine but in a p2p system you have plenty of machines that
can pass on some small messages.
The only problem I can see is that a NAT may change the local port number.
I hope that cheap cable/dsl routers only change the local port if necessary,
or if they do will use predicatable numbers.
This technique will also be usfull for getting through statefull firewalls.
I need to research this more. Am I missing somthing?
I'm aware that shifting files over UDP requires TCP compatible flow control
so it dosn't hog all the bandwidth.
3)Due to the number of people behind transparent proxys that hijack all outgoing
connections to port 80 and the number of people who set their filesharing
clients to listen on 80, I think is is a pity Mike didn't take the opportunity
to add a faculity to encapsulate traffic with a fake HTTP GET header so it will
go through http-only proxys. Kazaa does somthing like this.
In case anyone wants to run eMule in Linux, you can get lMule (Linux port).
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
The people who created Gnutella abandoned the project. No one owns the name, and anyone can call anything 'Gnutella2'.
There can never be a 'legitimate' Gnutella2 because there is no 'legitimizer' to bestow legitimacy upon it.
People should allow their protocols to grow on their own, rather then trying to take advantage of a dead name.
autopr0n is like, down and stuff.