Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ
Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action!
- Posts: 1
- Joined: Sat Oct 08, 2016 4:06 pm
From reading the other threads, this is what I can gather about the flow of traffic in voodoo networking:
- Client sends encrypted traffic to entry node
- Entry node hides client address
- Entry node forwards encrypted traffic to central node
- Central node forwards encrypted traffic to exit node
- Exit node determines destination address
- Exit node forwards traffic back to central node
- Central node decrypts traffic (as usual)
- Central node sends traffic to destination (as usual)
- Destination sends back traffic to exit node
- Exit node forwards traffic to central node
- Central node encrypts traffic (as usual)
- Central node forwards encrypted traffic to the entry node
- Entry node determines client address
- Entry node sends encrypted traffic to client
However, there are still some things I'm skeptical about...
- How is the client/destination address determined?
- Does the entry/exit node keep it in memory or decrypt it on the fly?
- Does the client establish a shared secret with the entry/exit node?
- What stops the central node from simply matching traffic in step 4 to traffic in step 6?
Sorry if these questions have already been answered; I have yet to find something that consolidates this information and I'm really curious about how this all works.