Skype and Firewalls, the Answer

Since I last talked about Skype and that it solved the firewall problem in peer to peer networks, a couple of people have been discussing it with me and asking me about it. Luckily, Jeffrey Gelens pointed me to a “paper”:http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf by two guys of Columbia University who took the liberty of disecting the Skype protocol. A comment on “my previous post”:http://www.zefhemel.com/archives/2004/09/21/skype-and-firewalls gave the right answer.

But before I get to that, what was the problem again? Peer to peer networks don’t use centralized servers. Clients are directly connected to one another (they are peers, hence the name). The troube with peer to peer networks is just that: the connecting to one another. Because some people enjoy hacking on to other’s computers, people now use firewalls which disallow any connection from the outside world. Very safe, yet very inconvenient for peer to peer networks. Routers cause the same problem. You can’t easily make a direct connection to a computer behind a router from outside the router’s network.

Skype solves this problem by using intermediates called supernodes. Supernodes are the übermenschen of peers. They have a couple of important properties: blue eyes and blond hair. Just kidding. They do allow incoming connections and have a lot of space and bandwidth to their disposal. Supernodes aren’t born like that, they are dynamically assigned to be supernodes, depending on the need for them. How that works exactly doesn’t really matter (and probably is fairly complex), they’re just there. So, how to get a message from client A to B, if both are firewalled? The solution is one or more intermediate supernodes. Both A and B are connected to the same peer to peer network and so there’s always a road from A to B through one ore more other peers/supernodes. If there wasn’t, they wouldn’t be connected to the same network. The answer is to just take advantage of the indirect connection. If A wants to send a message to B, it would first send it to a supernode it is connected to, which would route it to its neighbour supernodes etc. until it arrives at B. It’s as simple (in theory) as that.

Now we got that problem out of the world, the “paper I just mentioned”:http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf is still interesting. It’s fun to read about how an application like Skype works and that it’s really not that amazingly complex as I always imagined. It’s not simple, but that’s just the nature of the peer to peer beast.