|How to Subscribe to CMU AVES?|
We have deployed an experimental AVES service at CMU. If you are a CMU network user and would like to sign up for the service, please first read the important information in the next section regarding details of the service provided and software requirements. Then, please fill out the sign up form. We will review your application and if approved we will contact you by email to let you know where to download the necessary software.
If you are not a CMU network user, we cannot provide service for you at this time. We are working to deploy AVES in a peer-to-peer fashion for the general public, more details on this effort can be found here. Nevertheless, we may make exceptions for academic researchers to experiment with our service. Please email eugeneng+aves at cs.cmu.edu to request for an exception.
AVES provides the user with additional capabilities of allowing hosts without globally unique IP addresses to be reachable, it does not interfere with existing capabilities of your network. You can expect the current behavior of your network to be unchanged. To use the service, you will need to run an AVES NAT Daemon software on your NAT gateway. This software requires no complex installation, and you can remove it by simply deleting it.
AVES has a lot of security features to keep your computers as protected as possible, however, you should always secure your computers just as you should secure your NAT gateway even if you are not using AVES.
Prerequisites: In order to use our AVES service, for now, your NAT gateway device must be an Intel PC running Redhat Linux version 6.1 or later or equivalent (although this is not verified, a Linux 2.2 kernel should work, the key is to have the "IP: firewall packet netlink device" option and the other appropriate firewall options compiled into your kernel). If you are interested in helping us to port the code to either Windows or Mac, please contact us, we would love to talk to you. Note that there is currently no support for IPv6.
Disclaimers: THE AVES SERVICE IS AN EXPERIMENTAL SERVICE, THE SERVICE AND SOFTWARE ARE PROVIDED BY CARNEGIE MELLON UNIVERSITY AND CONTRIBUTORS "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SERVICE AND SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
We provide no guarantee on service availability and service performance. We provide no guarantee on application compatibility. We may record usage statistics for research purposes. If we do use this information, the information will be sanitized to preserve anonymity. As new features are added to the service, users may be required to upgrade their software in the future to continue using this service. We reserve the right to remove users from this service as we see fit. We also reserve the right to limit usage of this service to ensure fairness to all users.
Important Limitations: AVES has connection idle timeout features. This means if a user leaves a connection idle for a long period of time, the connection will be terminated by the service and all unsaved work will be lost. Therefore, it is important for a user to save his work frequently when using this service. Currently, a TCP connection is timed out after an idle period of 30 minutes. All other connections are terminated after an idle period of 15 minutes or less. Secondly, usage of the service is limited to ensure fairness to all users. Each AVES host is on average accessible only once every 30 seconds. In other words, continuous frequent accesses will be rejected by the system. This should not affect most users under normal usage scenarios.
Security Advice: AVES data packets are authenticated. This means that your NAT gateway will not accept packets generated directly from malicious sources. However, to ensure security is maintained, never distribute your AVES NAT Daemon software to other parties. Your AVES NAT Daemon software is customized for your use only, it has an embedded security key that is specific to you, therefore the software cannot be reused for a different NAT gateway. If you have more than one NAT gateway, you will need to obtain multiple customized copies of the AVES NAT Daemon software.
|Sign Up Form|