Noq: n0's new QUIC implementation in Rust(www.iroh.computer)
186 pointsby od013 hours ago10 comments
  • tekacs12 hours ago
    https://github.com/quinn-rs/quinn/issues/224#issuecomment-38...

    It's lovely to see the polite and respectful back and forth in this comment thread where the Iroh folks are talking about deciding to fork. :)

    • Aurornis8 hours ago
      Great interaction. Very refreshing after some of the past problems I've encountered with maintainers treating forks as hostile or "stealing our work".

      The message also exposes a reality of how hard it can be to upstream internal changes: They admit they don't have the time to go back and re-submit all of their work as tiny incremental patches that could be reviewed and approved upstream. They estimate it would be on the order of 100 PRs necessary to break it up and get it reviewed. That's a very large time investment for a company that needs to keep moving forward.

      Hopefully they stay close in the rest of the implementation details of the project they forked from. After a fork becomes battle-tested enough it might be reasonable to start merging things in larger chunks rather than treating them as incremental development again.

    • bigfishrunning12 hours ago
      I very much agree, a nice contrast to so much open source drama
      • b_fiive12 hours ago
        disclosure: I work on the team behind noq. Can't emphasize enough that the quinn maintainers are really lovely people, and quinn is an excellent project.
        • drewr9 hours ago
          Can confirm! We work closely with them at Datum
  • agg2312 hours ago
    iroh seems like a very well positioned product in the era of people rapidly building applications for personal use. I'm really interested in seeing how they continue to grow.

    I personally have been looking off and on at providing an "app relay" using it, where people can get an OSS, self-hostable (if desired), zero config way to remotely access their app/data on their network. This would be separate than a "network relay" (a la Tailscale), as this is done selectively as part of the application server and client, requires no knowledge or configuration as the user, and exposes a much smaller surface area.

    • nulltrace10 hours ago
      The zero-config part is where it gets tricky in practice. I spent a while getting mDNS-based discovery working across different home networks and it's a mess. Half the consumer routers silently drop multicast between subnets, some just rate-limit it into uselessness. You end up layering fallback after fallback (broadcast, then direct probe, then relay) and writing heuristics to pick which path actually works. Having multipath baked into QUIC so the transport just tries all paths and converges on the best one would've saved me a lot of that.
      • apitman8 hours ago
        Is your project public?
    • apitman8 hours ago
      You may be interested in my list here: https://github.com/anderspitman/awesome-tunneling

      In particular I believe OpenZiti has a similar focus on embedding the tunnel in the apps.

      • agg233 hours ago
        This is exactly the type of thing I was thinking of. Thanks
  • adityamwagh12 hours ago
    Love the folks from n0. I regularly use their sendme cli for peer to peer file transfer!
    • linsomniac4 hours ago
      Good to know. I usually use magic wormhole, which works great, but it does install a lot of python modules to achieve it. I'm always a little reluctant to install that on our production Windows SQL servers, and I rarely touch them, so usually when I do I just do a "netcat" equivalent via either a powershell snippet or https://github.com/linsomniac/toothpyk or I just "wget" it on the Windows side. For SQL Server ISOs, the Windows built in wget is terribly slow though.

      Thanks for the sendme pointer.

  • Kazik249 hours ago
    Excuse me if this is explained somewhere, but how does noq/iroh relays QUIC packets between peers? How does relay know which QUIC packets it receives should be sent where, since QUIC is famously hard to track? Do you stream to relay new/retire_connection_id packets through different connection so that it can link them to specific peers? Or is the relayed QUIC wrapped in different protocol?
  • dangoodmanUT10 hours ago
    The iroh team keeps cooking, unreal.

    I’m excited to have a weekend to just sit down and tinker with iroh, it’s been on my list for a while. I want to make an overlay network like nebula with it

  • superkuh7 hours ago
    Can this establish an QUIC connection without the other end having a CA cert? Or, like most other QUIC libs will it default to only allowing connections to corporation approved domains?
    • tialaramex6 hours ago
      It turns out that "Have the defaults arranged so that they suit a handful of crazy people but inconvenience literally everybody else" isn't popular. In fact preferring a tiny minority preference is sort of inherently unpopular, that's basically its defining feature as a policy.
      • superkuh4 hours ago
        Visiting websites (or making connections to IP based services) that aren't CA approved is not some crazy niche desire as you're painting it. It was the default for a very long time and is still the only way to access many websites. When changing the feature requires recompiling a lib and linking it into your browser which you also recompile it's basically reality and not just a default. The only reality. And that's bad. It should be a setting at least.
  • mrbluecoat9 hours ago
    > noq (”number 0 QUIC”)

    Wouldn't that be n0q then?

    • b_fiive3 hours ago
      Now, see. that's what I said as well. But the rest of the team was tired of me trying to name the hosted iroh "n0des", which I'm now ready to admit was a stretch. And so now here we are spelling n0q as noq. c'est la vie.
  • jeffbee12 hours ago
    I was just reading the QUIC multipath RFC. Didn't it come out literally yesterday? I guess it's common to have the implementation foreshadowing the RFC but it's jarring to see them back to back like this.
    • wofo6 hours ago
      Many QUIC features get implemented while in draft stage as people iterate on the RFC's design (e.g., ACK Frequency[0] is currently on draft version 14 and I implemented support for it three years ago in quinn).

      [0]: https://datatracker.ietf.org/doc/html/draft-ietf-quic-ack-fr...

    • gsnedders2 hours ago
      It’s common enough for groups to not consider the spec done until there is a decent bit of implementation experience (both because actual implementers tend to find interesting bugs in specs, and because many things are hard to measure without any implementation).
    • b_fiive12 hours ago
      It's been a draft for a long while, and was only recently approved
    • kevvok10 hours ago
      It’s pretty common for IETF drafts to be substantially complete well before they are finalized as RFCs. For example, supporting ML-KEM in TLS is still a draft, but there are already multiple large scale deployments of it since the technical aspects were nailed down a while ago
  • AiStockAgent629 hours ago
    [dead]
  • ChrisSpoke6810 hours ago
    [dead]