Tianji

Make Sync truly server-less

Recommended Posts

Resilio Sync is blocked by Chinese gov recently. DNS resolve of all resilio.com hosts are blocked, as well as trackers and relay servers. 

Is it possible to make Sync truly server-less? Sync is currently the closest to the server-less goal, compared to other cloud-based solutions such as Dropbox. As far as I know, there is DHT network which was supported by old BTSync but removed in Resilio Sync. Can you bring DHT back as an optional feature? 

If DHT can not be back easily. Could you add a tracker-only proxy option, instead of global proxy?

As a paid user of Resilio Sync, I'm so upset that I can't use it anymore. Hope this can be resolved soon. 

Share this post


Link to post
Share on other sites

@Tianji We are looking for solution. DHT is not a magic bullet, as some people has to be a bootstrap nodes which can be targeted easily. I suggest reading this discussion revealing how DHT works and how it can be shut down.

We are looking for more or less permanent solution. The only viable solution for now is to use predefined hosts. 

Share this post


Link to post
Share on other sites

Sounds cool. 

Permanent against GFW or against any kinds of attack? It is much easier to do the former. 

GFW is not a real firewall (as a hardware that can deal with nation-wide traffic is simply impossible). Rather, GFW is a police car parking on the shoulder of the high way. It can monitor and inject packets, but not drop packets. And GFW is only on the border of Chinese network. So it does nothing against internal traffic, as long as you don't have a fixed server running "illegal" contents. 

AFAIK, GFW does 3 things:
a) poison DNS,
b) blacklist IP and/or port,
c) identify traffic patterns and inject TCP RST to terminate connection, or bad sequence number to slow-down TCP connection.
Type c) has
    c1) identify censored phrases, which is easily overcome by any kind of encryption; and
    c2) identify traffic patterns such as SSH and VPN, which needs too much development that they won't bother to do on Sync.  
And Type c) identified "illegal" foreign IPs are temporarily added to b) blacklist for some 3-5 minutes. 

Hope this helps, in case you guys don't have idea how GFW works. :D

Share this post


Link to post
Share on other sites
On ‎8‎/‎16‎/‎2017 at 5:32 PM, RomanZ said:

@Tianji We are looking for solution. DHT is not a magic bullet, as some people has to be a bootstrap nodes which can be targeted easily. I suggest reading this discussion revealing how DHT works and how it can be shut down.

We are looking for more or less permanent solution. The only viable solution for now is to use predefined hosts. 

Is there an easy way to use predefined hosts when my ip keeps changing?

Share this post


Link to post
Share on other sites

It's weird to see that every time someone mentions the idea of proxying trackers only it never gets a response. Is it just getting skipped over amongst the rest of the ideas put up or is there some reason why it's unfeasible. To me it seems like the easiest solution by far but it never gets addressed. I'd call conspiracy but I don't think even Alex Jones could come up with a reason as to why a proxy conspiracy would exist.

 

please.. let us proxy tracker requests only.... or tell us why we are wrong to want it...

Share this post


Link to post
Share on other sites

Hi @RomanZ

Because this software is blocked by China's official. So It's not suitable for resilio to fight against the GFW.

I think it's better to privide some tricks in the software.  The main problem is  that the tracker server is blocked. Since the protocol is resilio's commercial secret. We can't deploy tracker servers by ourself. But we can redirect to the traffic from one server not blocked to your tracker server just by simple iptable rules.

The software gets tracker server addresses from https://config.resilio.com/sync.conf。 So to do so, we need to override the content of sync.conf. 

Here are some solutions:

1. Could you change the protocol from https to http ( https://config.resilio.com/sync.conf),  so that we can privide the file by ourself with the redirected tracker server.

2. More on, could you have add one attribute in Resilio Sync's power user preferences to set the config server address(config.resilio.com). So that the default server is still https://config.resilio.com, but we can change to https://config.example.com, https protocol is OK.

3. Add one attriibute in Resilio Sync's power user preferences to config the tracker server by ourself.

4. Could you privide proxy only for tracker and relay servers?

Both method 1, 2 and 3 is only a small modification for the software. It can be done in just several minutes. Method 4 may need more modification.

Your side should privide some backdoors, and leave us to fight against the GFW.

Share this post


Link to post
Share on other sites

A few of us have asked questions and raised ideas for solutions for sync in China, so far we are getting no replies. I get it that you guys are probably busy but it would be nice know that something is going on. If our suggestions and ideas have reasons that they wouldn't work we would be okay with being told that. As it is now, we have no idea if you are listening or not..

 

 

On ‎8‎/‎16‎/‎2017 at 5:32 PM, RomanZ said:

@Tianji We are looking for solution. DHT is not a magic bullet, as some people has to be a bootstrap nodes which can be targeted easily. I suggest reading this discussion revealing how DHT works and how it can be shut down.

We are looking for more or less permanent solution. The only viable solution for now is to use predefined hosts. 

 

Share this post


Link to post
Share on other sites

It seems this is the end of this thread so no Prod Mgr is listening/answering - so no DHT-like functionality seems to come :-(

Edited by afkdk
Better explaining my pint

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.