Difference between revisions of "Networking"

Latest revision as of 20:02, 23 January 2023

The page contains technical content relevant for the scope of the application level networking components.

HTTP(s) Endpoints

Documentation about replica components that open listening sockets, so NNS managed nodes can communicate with replica nodes can be found in rs/http_endpoints/README.adoc

Networking Adapters

Networking adapters are processes on the ReplicaOS that run next to the main replica process and can issue outgoing calls to the internet. The intent of an adapter is to serve as proxy which sanitises data received externally. Networking adapters are used by Bitcoin integration and HTTPS outcalls features.
The main replica process uses gRPC for communicating with the co-located adapters via Unix domain sockets.

NNS Managed Firewall Configuration

The IC uses nftables to restrict outgoing and incoming connectios on each IC node. The registry contains relevant topology information which the IC uses to derive nftables rules.

Rust

Crates

The following crates are heavily used by the networking components

tokio, tower, hyper, tonic

@@ Line 2: / Line 2: @@
 == HTTP(s) Endpoints ==
+Documentation about replica components that open listening sockets, so NNS managed nodes can
+communicate with replica nodes can be found in [https://gitlab.com/dfinity-lab/public/ic/-/tree/master/rs/http_endpoints rs/http_endpoints/README.adoc]
 == Networking Adapters ==
@@ Line 9: / Line 12: @@
 == NNS Managed Firewall Configuration ==
-The IC uses [https://en.wikipedia.org/wiki/Nftables nftables] to limit access to active ports on each IC node. The registry contains relevant
+The IC uses [https://en.wikipedia.org/wiki/Nftables nftables] to restrict outgoing and incoming connectios on each IC node. The registry contains relevant topology information which the IC uses to derive nftables rules.
-topology information which the IC uses to derive nftables rules.
 == Rust ==