Cloud Computing

Decentralized Network Security with Interstellars

We have heard about multifarious approaches to network security in the insecure times today with quite a few of them adding additional complexity and manageability to the already complex centralized cloud computing and data center setups.

Interstellars are a part of SynchroKnot Spatial Defined Networking and allow the creation of networks separated and secured directly at Ethernet layer 2. In Cloud Computing terminology, with Interstellars, the tenants have the ability to bifurcate and secure their network of virtual machines across decentralized hardware by simply assigning the virtual machines’ network interface card with a 28-bit Interstellar Identification.

By bifurcating and securing the decentralized network at layer 2, only the virtual machines that have the same Interstellar Identification can communicate with eachother, irrespective of their local or global location.

As an additional benefit, you can save a lot of time and energy by not having to carve separate layer 3 networks and setting up different gateways for them. Further, you may not have to configure the virtual machines to point the gateways you set up to have them communicate!

In this way you can substantially reduce the complexity, manageability and maintainence of networks and also further reduce the risks of misconfigurations which usually lead to security breaches.

Interstellars come built-in with the SynchroKnot software. The SynchroKnot software transforms any server, workstation, desktop or embedded device into a decentralized cloud or data center [data decenter].

You can use any commodity X86_64 Desktop/Workstation/Server/Embedded device and connect them to eachother in minutes.

Here are some of the highlights of how SynchroKnot Interstellar approaches network security by getting directly to the heart of layer 2 Ethernet:

■ Fully Flattens, Bifurcates and Secures the network at Layer 2. Works transparently, irrespective of stacked / unstacked vlans, and without deviating from standard Ethernet semantics.

■ Based on the design and architecture of Interstellar Identification, Interstellar Resonance Identification and Interstellar OUI [Organizationally Unique Identifier].

■ Each vNIC of the virtual machine MAC address has a 28-bit Interstellar Identification. Assign your own choice of Interstellar IDs.

■ Each virtual machine with the same Interstellar ID can communicate with eachother irrespective of their location. All other traffic from the virtual machine is not allowed to touch the network.

■ In the case where a virtual machine needs to resonate [ communicate ] across different Interstellars at the same time, additional Interstellar IDs can be accommodated in the form of Interstellar Resonance IDs. Both Interstellar and Interstellar Resonance IDs remain intact even when the virtual machines relocate to any other decentralized location.

■ Interstellar OUI allows direct interaction of the virtual machines with the existing physical data center infrastructure [ routers, switches, gateways, appliances & devices ]. Simply add the needed OUI(s) [ organizationally unique identifier – a 24-bit number that uniquely identifies a vendor or manufacturer ] and gain transparent access.

■ Interstellars [ in collaboration with other SynchroKnot features ] allow for flexible carving of the IP network(s) of the virtual machines by allowing the creation of large networks [ eg: /7, /8, /16 etc ] without having to set up routing and gateways to move across subnets or worry about broadcasts. The same flexibility is transparently possible with IPv6 and anything usually above layer 2.

More information is available at:

Cloud Computing

Decentralized Virtual Machines : What Are They?

Decentralized virtual machines are those in the sense that do not have a centralized orchestrator as seen with software such as VMware, OpenStack, Kubernetes, Docker, Hyper-V and others.

In other words, they are not managed via a centralized control point(s) but instead are managed by their de-orchestrator [decentralized orchestrator] on the hardware where they operate. The de-orchestrator additionally allows the management of all other virtual machines running on separate hardware at decentralized locations anywhere in the world and in parallel!

The only known de-orchestrator that can do this today, along with a myriad of extra add-on features, is a small yet important part of the SynchroKnot Cloud Computing Software.

In this article we will talk about the creation, storing, snapshots and relocation [live migration] of these decentralized virtual machines.

The SynchroKnot software imbibes and enables regular standard QEMU KVM virtual machines [the same ones used in OpenStack] with decentralized features and capabilities.

Let’s count a few unique features before moving forward:

■ They can be used as High-Performance Desktop and Server Virtual Machines, as they sit directly on storage. There is no Network Latency and Dependency, since the hard drives are NOT accessed over wire. Furthermore, there is no complexity as there is NO SAN / NAS / Distributed File or Block Storage used.

■ Copy-on-Write based independent replica(s) [ writable snapshots ] can be created in under a second even if the virtual machine is running under high-load situations.

■ Replication, Recovery and Disaster Recovery is possible with FASTR [Fast Asynchronous Triggered Replication] which is very simple to set up, replicate and recover.

■ Automatic or Static Virtual Machine creation on any or a specific refined group anywhere on any commodity hardware [x86_64] in the world.

■ Efficient direct access to the virtual machine console using VNC and/or SPICE without proxies / brokers.

The direct access offers web browser view via HTML5 and/or Java [applet]. It also displays the IP address and port(s) for access via regular [non-web-browser-based] clients. Dynamic-static automatic port allotment without the use of any database allows the same port to be accessed every time, which is very useful for non-web-browser-based clients.

■ Dynamic Static Public and Private IP addresses and related other features with decentralized DHCP. You don’t have to depend on a centralized DHCP server unless you want to, and you do not have to manually configure the virtual machines to give them IP addresses, among other things.

Eg. you can assign ANY Name, IP Address [Public/Private IPv4 IP Address], Netmask, Broadcast, Default Gateway, MTU [Maximum Transfer Unit], NTP, DNS, Domain Name, Domain Search, Log Server, NETBIOS [Name Servers, Datagram Distribution and Node-Type], SMTP server, POP3 server, plus also, Enable IP Forwarding, Set TCP Keepalive, Set Multiple Classless Static Routes and more.

Further, if you need to point your virtual machine[s] to a centralized DHCP server[s] then you can use secure DHCPCAST feature which is built-in. This feature allows the virtual machine[s] to get their IP address[es] from a specific DHCP server.

■ Automatic or Static Decentralized Creation and Relocation [we will learn about that below].

■ Extreme ease and flexibility in management and de-orchestration with the built-in infrastructure engine which has the simplicity and look of a search engine, but instead, has actual intelligence built-in to control and manage end-to-end decentralized infrastructure in real-time.

■ Extreme ease in control, as the user interface is designed and built at the intersection and fusion of commandline interface and graphical web user interface for scalable precision control.

■ Password-less login using proven blockchain cryptography. Simply login with just your Blockchain/Bitcoin ID to manage the virtual machines. No passwords, checksums, salts etc. used or kept anywhere. Further, if your organization requires, you can additionally and easily integrate it with your existing LDAP and/or Active Directory servers.

■ Strong network security is provided at layer 2 with a special feature of Interstellars and ARPless Interstellars.

…… and much more.

[Demonstration videos and an in-depth explanation of features is available at the official website for those who are interested.]

Before we get started here is a brief warm up of the used terminology:

Spacesuit: virtual machine template. New virtual machines are created from this.
Spatial Fabric Satellite: any physical machine [commodity [x86_64] server/workstation/desktop/embedded device] where the tenant has the hardware resource to run their virtual machines.
Spatial Fabric Array: bifurcated hardware resources [CPU, Memory, Network, Storage] assigned to the tenant on the Spatial Fabric Satellite.
Microcosm: tag(s) related to where the Spatial Fabric Array is located [eg. row, rack/shelf, CPU type, network type, topology etc]. 
Macrocosm: tag(s) related to region where the Spatial Fabric Array is located [town, city, state, country, zip code, north, south, east, west, ne, nw, se, sw etc]. 
Intercosm: tag(s) related to group/team/provider identification [names/Blockchain id] for correspondence, management and support, and a combination of Microcosm and Macrocosm.

Note: Microcosm, Macrocosm and Intercosm can be set and updated by the tenant.

█║ Virtual Machine Creation

Virtual machines can be created with great ease and speed with minimal storage utilization due to the copy-on-write feature of the ZFS file system. The complexity of management and maintenance of virtual machine volumes, snapshots, clones and their deeply intertwined inter-dependencies is greatly minimized-to-eliminated with the built-in automatic Transparent Interdependent Volume Removal feature, so there is no need for user intervention.

Here are some of the multifarious ways you can create virtual machines:

■ Auto Create a Virtual Machine from a Spacesuit [ ie. from a virtual machine template ].
■ Auto Create a Virtual Machine from a Spacesuit on a Spatial Fabric Array with high or low performance.
■ Auto Create a Virtual Machine from a Spacesuit on a Spatial Fabric Array from a refined group using Microcosm / Macrocosm / Intercosm or their combination. Further automatically choose a Spatial Fabric Array with high or low performance.
■ Manually Create Virtual Machine from Spacesuit on a specific Spatial Fabric Array.
■ Auto Create Virtual Machine from an existing Virtual Machine [not Spacesuit].
■ Manually Create Virtual Machine from an existing Virtual Machine on a specific Spatial Fabric Array.
■ Auto Create a Spacesuit from an existing Virtual Machine.
■ Manually Create a Spacesuit from an existing Virtual Machine on a specific Spatial Fabric Array.
■ Create from Spacesuits or Virtual Machines while they are running [ switched on ] without disruption.

All these complex operations use the Decentralized Resource Radar to ascertain and intelligently trigger after retrieving metadata in real-time.

Below is a link of a video demonstration from an older version, but enough to give an idea:

Create decentralized virtual machines

█║ Decentralized Automatic and Manual Virtual Machine Relocation

Similar to the creation, the relocation [live migration] is also quite unique:

■ Auto Relocate virtual machines with their storage without knowing where the virtual machine you intend to relocate resides and without knowing who the receiver will be. Further, the receiver does not know who the sender will be. Just the name with the relocate trigger or the click of the Auto Relocate button. Everything is auto-ascertained and executed by the decentralized resource radar, without reading a central or distributed database or resource.
■ Manually relocate to a specific Spatial Fabric Array by simply giving its IP address.
■ Auto relocate to a refined group of Spatial Fabric Arrays with the help of Microcosm, Macrocosm and Intercosm [ individually or their combination ].
■ Auto relocate to high or low performance Spatial Fabric Arrays by simply adding performance:[high / low]. Further, use it with Microcosm, Macrocosm and Intercosm [ individually or their combination ].

Here is a demonstration video:

Decentralized Automatic and Manual Virtual Machine Relocation

█║ Virtual Machine Replicas [Snapshots]

Replicas are writable snapshots of virtual machines which can be created in under a second even if the virtual machine is active and running under high-load situations.

Replicas don’t relocate with the virtual machines, reducing the burden of tugging along snapshots, yet still available to be reverted to the original or created into new virtual machines.

Replicas allow you to move back and forth in time with specific granularity and ease.

Here is a demonstration video:
Virtual Machine Replica

Moving virtual machines from VMware, Openstack and related virtualization technologies onto SynchroKnot can be as simple as converting/changing their virtual disk format and sometimes not even that!

In this article, we have made an attempt to present some of the qualities of decentralized virtual machines. Now you can be in a better position to ascertain the real-world benefits [if any] to your organization.

For full description and technical overview of all the features please visit