when last we saw our hero (Thursday, May 09, 2002), Scott Dier was madly tapping out:
> * steve ulrich <sulrich at botwerks.org> [020509 22:39]:
> > i would concur with this - there are a few different mechanisms for the
> > routing of traffic to the nearest (and best) internet gw in the overlay
>
> I'm somewhat convinced we shouldn't get into the business of providing
> internet bandwidth and leave that up to people that want to either vpn
> into their home networks or make arrangements with individual gateways
> on the overlay network. Perhaps it would be a nice future goal on the
> overlay network, but I don't think it should be a driving force.
>
> Overlays, IMO, are to free myself from copper and another monthly fee
> for a long transport pipe, and not necessarily for an internet
> connection.
>
> I'm not sure how many people can provide connectivity for free without
> liability or cost.

in an overlay it's not required that all nodes provide internet access.
however for the nodes that are willing to provide internet access, this
can be accommodated. it will require that the overlay network run at
least an IGP routing protocol. IMO all the more reason to focus on hot
spots until there is a critical mass for the deployment of an overlay
network.

> On another note, I wonder how hard it would be to use IPSEC/AH to
> provide QoS over saturated links to 'contributing members'. IE: let
> anyone use the links, but the people who ponied up money for equipment
> and time and stuff get some priority. Not to be elite, but to be
> rewarding and as an incentive if we ever come to the problem of having
> that much usage.
>
> I think both of these problems are problems we hope to have, someday,
> too. :)

actually - you don't need to use IPSec in order to give preferential
treatment to subscribers. this can be done by using the appropriate
queuing on the gw. the *BSDs have really nice tools for handling this
type of behaviour. i've used altq and dummynet to do this in the lab and
on my home network. i don't know what queuing mechanisms are available
on linux these days but the last i checked the options available pretty
much sucked rocks.

queuing on the edge should be more than sufficient for this type of
application. additionally, type of traffic prioritization is key to the
nocat framework.

--
steve ulrich sulrich at botwerks.org
PGP: 8D0B 0EE9 E700 A6CF ABA7 AE5F 4FD4 07C9 133B FAFC
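The edge-queuing idea in the message above, as an added example that is not part of the original thread and is not altq or dummynet code: a small deficit round robin scheduler (a stand-in chosen here for illustration) that classifies packets by source address and shares a saturated link 3:1 in favour of contributing members, while still letting guests use the whole link when members are idle. The member subnet, the weights and the sample traffic are constructed assumptions.

```python
from collections import deque
from ipaddress import ip_address, ip_network

# Constructed values: the member subnet and the 3:1 weights are assumptions.
MEMBER_NETS = [ip_network("10.10.1.0/24")]
QUANTUM = {"member": 3000, "guest": 1000}  # bytes of credit per round

def classify(src):
    """Pick a queue from the packet's source address, as an edge gateway would."""
    addr = ip_address(src)
    return "member" if any(addr in net for net in MEMBER_NETS) else "guest"

def schedule(packets, link_budget):
    """Deficit round robin: send up to link_budget bytes, return bytes sent per class."""
    queues = {name: deque() for name in QUANTUM}
    for src, size in packets:
        queues[classify(src)].append(size)
    deficit = dict.fromkeys(QUANTUM, 0)
    sent = dict.fromkeys(QUANTUM, 0)
    remaining = link_budget
    while any(queues.values()):
        for name, q in queues.items():
            if not q:
                deficit[name] = 0  # an idle class does not bank credit
                continue
            deficit[name] += QUANTUM[name]
            while q and q[0] <= deficit[name]:
                if q[0] > remaining:
                    return sent  # link budget for this interval is used up
                size = q.popleft()
                deficit[name] -= size
                remaining -= size
                sent[name] += size
    return sent

def saturated_link_demo():
    """Constructed traffic: 100 packets of 1000 bytes per class, 40 kB of link."""
    members = [("10.10.1.7", 1000)] * 100
    guests = [("192.168.5.9", 1000)] * 100
    contended = schedule(members + guests, link_budget=40_000)
    guests_only = schedule(guests, link_budget=40_000)
    return contended, guests_only

if __name__ == "__main__":
    print(saturated_link_demo())
```

Classification here relies only on the source address seen at the gateway, which is the reason no IPsec/AH marking is needed for the prioritisation itself.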