Passim, a local caching server

Darkcrizt

3 minutes

passim

Passim is a local caching server using mDNS

Recently the creator of a large number of Gnome applications, made known through a blog post, its new project, which has the name «Passim», which is a local caching file distribution server that uses content hashes to address IPFS-like content.

The idea behind of Passim, is basically addressing the issues behind the delivery of the same content which is downloaded a large number of times from global servers or CDNs. And it is that as described in the blog post:

As part of running passim/LVFS projects, I've seen downloading this "small" file once every 24 hours turn into tens of millions of requests per day, which equates to ~10TB of bandwidth. . Everyone downloads the same file from a CDN…

What if we could download the file from the Internet CDN on one machine, and the next machine on the local network that needs it downloads it from the first machine? We could put a limit on the number of times it can be shared, and the maximum age so that we don't store yesterday's metadata forever...

We could reduce CDN traffic by at least an order of magnitude, but possibly much more. This is better for the person paying the cloud bill, the person paying the internet connection, and the planet as a whole..

About Passim

passim can be used in order to increase the performance capacity of the apps that usually download data and secondary files to handle other requests. The main idea is to use Passim as a way to deliver caching content for use of local network systems, without the need to interact directly with the primary servers and without using a global CDN.

An example of use that is mentioned for Passim, is that can be used in the distribution of software updates, ad protection system metadata, administrator updates, etc. In practice, Passim is planned to be used for the purpose of planning the fwupd distribution and the LVFS project.

It is also mentioned that el project uses a model SHA-256 based file addressing of its content, as well as the use of the hash too allows file identification with el self content, so the search for similarities is not based on the symbolic names which they are assigned. For avoid the falsification of files in the side of the client, value hash should verified using the value hash computed to leave of the content of the downloaded data.

The data in storage can be added automatically or manually, and are reduced to copying the file into the directory /var/lib/passim/data and set maximum lifetime and limits on the number of downloads via extended attributes (xattr).

After the expiration of the useful life or exceeding the limit on the number of downloads, the file is automatically deleted. The files present in the repository are reflected in a shared index that all users can obtain using mDNS or by downloading the index over HTTP.

Regarding the operation of Passim, it is mentioned that it:

It uses a simple single threaded HTTP server to upload files. The files and the index are provided without authentication and without encryption (HTTPS is not supported), since the system is designed for public distribution of data on the local network. The download is done by sending an HTTP request in the form, where the hash is the key identifier (files are not returned without a hash). The initial verification hash and GPG signature are downloaded via a call to an external CDN.

Initially, for organize el access to firmware updates in LVFS, was considered the posibilidad de use storage based on a work of decentralized files, as it is IPFS, but finally it was decided can bring to life a alternative ownPlus tailored, destined to Download solo from servers on the local network.

It is mentioned that the main reason for the rejection of IPFS was the potential legal problems caused by IPFS falling under ITAR (International Traffic in Arms Regulations) and EAR (Export Administration Regulations) export restrictions due to the use of advanced encryption.

Among other drawbacks of IPFS that arise when solving the problem of delivering firmware on a local network, mention is made of the complexity of the installation, the lack of ready-made packages in the distributions, the long time it takes to find resources, the need to use a gateway to access IPFS over HTTP and a lack of priority access for local clients.

Finally If you are interested in knowing more about it, you can check the details in the following link


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.