Support direct peer-to-peer connections via TCP hole-punching #52
Comments
|
This is an interesting idea but it is targeting a very specific set of users so we are probably not going to implement this (at least for the near future). However, we will release the source code under the Fair Source License in a couple of weeks, so you or other user interested may consider starting your own implementation by then. |
|
I'd very likely be interested in working on this once you release the source. Are you envisioning that features like this one (i.e. ones that you don't personally care too much about though some users might, and where it would require a non-trivial amount of additional code to implement it) would be things you'd be open to folding into Duplicacy via a PR once they're complete and you're comfortable with them? Or does the comment "starting your own implementation" really mean "you're welcome to fork the project, but you're on your own if you do?" |
|
New features will be generally welcome and I'll accept the PR as long as the new feature doesn't affect the current usage. The only issue is how licensing works for contributed code. I'll need to ask for your permission to apply the Fair Source License to the new code. In exchange you'll have the right to use Duplicacy without the number of users limitation. In addition, I'll also set aside a portion of the revenue from the Fair Source License to compensate contributors like you. |
|
That all sounds reasonable and more than fair. |
Duplicacy allows peer-to-peer backup as long as the recipient is willing to set up an SFTP server, do the work of setting up port forwarding on their router for it, and expose that SSH daemon to the Internet for anyone else to try (hopefully unsuccessfully) to break into.
It would be great if instead Duplicacy supported direct peer-to-peer connections via TCP hole-punching for users whose NATs support it. That would eliminate the setup work required for users who might be less tech-savvy and might struggle to configure (without mistakes that could leave them vulnerable) the SFTP daemon plus the port forwarding on the router, and it would avoid opening a well-understood (though generally well-secured) door which any bad actor on the Internet could try to break into.
There are definitely some costs to implementing this: clearly there's a development cost (you have to implement the actual hole-punching code to get a TCP connection, and you have to design - and secure - a protocol of some sort for doing authentication and then the transfer of data across the TCP connection), and there's also an ongoing operational cost of having to run a server of some type for facilitating the hole-punching handshake (and you have to design the protocol that lets users match one another via your server prior to actually connecting to one another). But it would make for a very seamless user experience for a feature for which at least some people would want (as evidenced by the number of us who ran CrashPlan peer-to-peer on our Raspberry Pis before Code42 released code that ran only on Intel processors), so I hope it's something you'll consider.
The text was updated successfully, but these errors were encountered: