This commit is contained in:
2024-03-18 14:28:08 +02:00
parent f9674a74b9
commit e12acb690e
876 changed files with 788 additions and 546 deletions


@@ -0,0 +1,49 @@
# Mycelium our Planetary Network
![](img/planet_net_.jpg)
> TODO: need to upgrade image, also digital twin needs to be named '3bot'
The planetary network is an overlay network which lives on top of the existing internet or other peer2peer networks created. In this network, everyone is connected to everyone. End-to-end encryption between users of an app and the app running behind the network wall.
Each user end network point is strongly authenticated and uniquely identified, independent of the network carrier used. There is no need for a centralized firewall or VPN solutions, as there is a circle based networking security in place.
Benefits :
- It finds shortest possible paths between peers
- There's full security through end-to-end encrypted messaging
- It allows for peer2peer links like meshed wireless
- It can survive broken internet links and re-route when needed
- It resolves the shortage of IPV4 addresses
Whereas current computer networks depend heavily on very centralized design and configuration, this networking concept breaks this mould by making use of a global spanning tree to form a scalable IPv6 encrypted mesh network. This is a peer2peer implementation of a networking protocol.
The following table illustrates high-level differences between traditional networks like the internet, and the planetary threefold network:
| Characteristic | Traditional | Mycelium |
| --------------------------------------------------------------- | ----------- | ----------------- |
| End-to-end encryption for all traffic across the network | No | Yes |
| Decentralized routing information shared using a DHT | No | Yes |
| Cryptographically-bound IPv6 addresses | No | Yes |
| Node is aware of its relative location to other nodes | No | Yes |
| IPv6 address remains with the device even if moved | No | Yes |
| Topology extends gracefully across different mediums, i.e. mesh | No | Yes |
## What are the problems solved here?
The internet as we know it today doesnt conform to a well-defined topology. This has largely happened over time - as the internet has grown, more and more networks have been “bolted together”. The lack of defined topology gives us some unavoidable problems:
- The routing tables that hold a “map” of the internet are huge and inefficient
- There isnt really any way for a computer to know where it is located on the internet relative to anything else
- Its difficult to examine where a packet will go on its journey from source to destination without actually sending it
- Its very difficult to install reliable networks into locations that change often or are non-static, i.e. wireless mesh networks
These problems have been partially mitigated (but not really solved) through centralization - rather than your computers at home holding a copy of the global routing table, your ISP does it for you. Your computers and network devices are configured just to “send it upstream” and to let your ISP decide where it goes from there, but this does leave you entirely at the mercy of your ISP who can redirect your traffic anywhere they like and to inspect, manipulate or intercept it.
In addition, wireless meshing requires you to know a lot about the network around you, which would not typically be the case when you have outsourced this knowledge to your ISP. Many existing wireless mesh routing schemes are not scalable or efficient, and do not bridge well with existing networks.
![](img/planetary_net.jpg)
The planetary network is a continuation and implementation of the [Planetary Network](https://Planetary Network-network.github.io/about.html) network initiative. This technology is in beta but has been proven to work already quite well.
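Review bot: The paragraph after the TODO states "There is no need for a centralized firewall or VPN solutions, as there is a circle based networking security in place", but "circle based networking security" is never defined in this file, and the WebGW page added in the same commit says any person connected to the Planetary Network can reach a ZMachine and that the owner must keep only the required ports open. Define the mechanism here or reword the sentence so it does not read as "no filtering needed". Separately, the link in the last line, `https://Planetary Network-network.github.io/about.html`, contains a space and cannot resolve, and the sentence describes the planetary network as an implementation of itself; both look like a search-and-replace ran over the original project name and URL. The title says Mycelium while the body and table intro say planetary network, so pick one name, and move the TODO blockquote to an issue rather than publishing it.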


@@ -0,0 +1,13 @@
# Network Primitives
- [Planetary network](planetary_network.md):
- is a planetary scalable network, we have clients for windows, osx, android and iphone.
- [ZOS Net](znet.md):
- is a fast end2end encrypted network technology, keep your traffic between your z_machines 100% private.
- [ZOS NIC](znic.md):
- connection to a public ipaddress
- [WEB GW](webgw3.md):
- web gateway, a secure way to allow internet traffic reach your secure Z-Machine.
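Review bot: The last entry links to `webgw3.md`, while the overview page in this commit links the same component as `[WebGW](webgw)`; one of the two targets is likely wrong, so check both against the actual file name. Each link line ends in a dangling colon and its description sits at the same list level, so the descriptions render as separate bullets; indent them under their entry. "keep your traffic between your z_machines 100% private" is an absolute claim the page does not back up; say what is encrypted and between which endpoints instead.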


@@ -0,0 +1,32 @@
![](img/zos_network_overlay.jpg)
# ThreeFold Network Technology Overview
Decentralized networking platform allowing any compute and storage workload to be connected together on a private (overlay) network and exposed to the existing internet network. The Peer2Peer network platform allows any workload to be connected over secure encrypted networks which will look for the shortest path between the nodes.
### Secure mesh overlay network (peer2peer)
Z_NET is the foundation of any architecture running on the TF Grid. It can be seen as a virtual private datacenter and the network allows all of the *N* containers to connect to all of the *(N-1)* other containers. Any network connection is a secure network connection between your containers, it creates peer 2 peer network between containers.
![alt text](net1.png)
No connection is made with the internet. The ZNet is a single tenant network and by default not connected to the public internet. Everything stays private. For connecting to the public internet, a Web Gateway is included in the product to allows for public access if and when required.
### Redundancy
As integrated with [WebGW](webgw):
![alt text](net2.png)
- Any app can get (securely) connected to the internet by any chosen IP address made available by ThreeFold network farmers through [WebGW](webgw)
- An app can be connected to multiple web gateways at once, the DNS round robin principle will provide load balancing and redundancy
- An easy clustering mechanism where web gateways and nodes can be lost and the public service will still be up and running
- Easy maintenance. When containers are moved or re-created, the same end user connection can be reused as that connection is terminated on the Web Gateway. The moved or newly created Web Gateway will recreate the socket to the Web Gateway and receive inbound traffic.
### Network Wall
![](network_wall.png)
For OEM projects we can implement the ThreeFold project without using TCP-IP or Ethernet this can lead to super secure environments, ideal to battle the Cuber Pandemic.
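Review bot: The "Easy maintenance" bullet under Redundancy says "The moved or newly created Web Gateway will recreate the socket to the Web Gateway", which has the gateway connecting to itself; going by the sentence before it, the subject should be the moved or re-created container. In the Network Wall section, "Cuber Pandemic" is a typo, and "super secure environments" follows from nothing stated: the section should say what replaces TCP-IP or Ethernet and which exposure that removes. "No connection is made with the internet." reads like a heading run into the paragraph, and "to allows" needs fixing.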


@@ -0,0 +1,42 @@
# TFGrid WebGW
The Web Gateway is a mechanism to connect the private networks to the open Internet, in such a way that there is no direct connection between internet and the secure workloads running in the ZMachines.
![](img/webgateway.jpg)
- Separation between where compute workloads are and where services are exposed
- Redundant
- Each app can be exposed on multiple webgateways at once
- Support for many interfaces...
- Helps resolve shortage of IPv4 addresses
### Implementation
Some 3nodes supports gateway functionality (configured by the farmers). A 3node with gateway configuration can then accept gateway workloads and then forward traffic to ZMachines that only have Planetary Network (planetary network) or Ipv6 addresses.
The gateway workloads consists of a name (prefix) that need to be reserved on the block chain first. Then the list of backend IPs. There are other flags that can be set to control automatic TLS (please check terraform documentations for the exact details of a reservation).
Once the 3node receives this workloads, the network configure proxy for this name and the Planetary Network IPs.
### Security
ZMachines have to have a Planetary Network IP or any other IPv6 (also IPv4 are accepted), it means that any person who is connected to the Planetary Network, can also reach the ZMachine without the need for a proxy.
So it's up to the ZMachine owner/maintainer to make sure it is secured and only have the required ports open.
### Redundant Network Connection
![](img/redundant_net.jpg)
### Unlimited Scale
![](img/webgw_scaling.jpg)
The network architecture is a pure scale-out network system, it can scale to unlimited size, there is simply no bottleneck. Network "supply" is created by network farmers, and network "demand" is done by TF Grid users. Supply and demand scale independently, for supply there can be unlimited network, farmers providing the web gateways on their own 3nodes, and unlimited compute farmers providing 3nodes for compute and storage. The demand side is driven by developers creating software that runs on the grid, system integrators creating solutions for enterprises. This demand side is exponentially growing for data processing and storage use cases.
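Review bot: The Security section contradicts the opening sentence: the intro promises "no direct connection between internet and the secure workloads", while Security says anyone connected to the Planetary Network can reach the ZMachine without a proxy and that IPv4 addresses are also accepted. State that the gateway only separates the workload from the public internet when the ZMachine has no public address, and give concrete guidance (default-deny inbound, which ports the gateway itself needs) instead of leaving it at "only have the required ports open". Under Implementation, "Planetary Network (planetary network)" is a duplicated name, and the automatic TLS flags are deferred to "terraform documentations" with no link; name the flags or link the page, since whether TLS terminates at the gateway or at the ZMachine decides how far the end-to-end encryption described elsewhere in this commit actually extends.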


@@ -0,0 +1,11 @@
# ZNIC
ZNIC is the network interface which is connected to ZMachine.
Can be implemented as interface to
- planetary_network
- public ip address on a Zero-OS
![](img/znet_znic.jpg)
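Review bot: The second list item, "public ip address on a Zero-OS", gives the ZMachine a directly reachable address, which is the exposure the WebGW page in this commit presents the gateway as avoiding; add a sentence on when to choose each option and note that a public IP needs host-level filtering. "Can be implemented as interface to" has no subject, and `planetary_network` is plain text here while the index page links it as planetary_network.md.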