Β 
@SYNTHETISM:~$
/docs
/synet-dev
/synet-core
/network.md
Documents

Title: Synet Network Description

Author: 0en

β€’

Last Update: 30.04.25

:: synet-core

Minimum Viable Network (MVN)

To connect two agents via Synet IP addresses:

Required Components:

Component Role
synet-root Issues/verifies fixed IPs, manages delegated pools
synet-gateway-1 Accepts WireGuard connection, allocates IP, handles routing
synet-gateway-2 Same, other location or node
synet-cli (or hardcoded config) Used by agent to connect
WireGuard Tunnel protocol, active on both gateways and agents

Phase 1: Basic One-Gateway Network

  1. Deploy synet-root

    • IP space: fd00::/16
    • Reserve e.g. fd00::1000/64 for synet-gateway-1

  2. Deploy synet-gateway-1

    • Configured with private WireGuard subnet: fd00::1000/64
    • Connected to synet-root to sync delegation

  3. Agent A connects via CLI:

synet connect --gateway gateway1.synet.dev

  • Agent sends public key to /connect

  • Gateway assigns IP: fd00::1001

  • Gateway returns WireGuard config

  • Agent installs config and joins network

Phase 2: Add Second Gateway

πŸ” To link two gateways together:

This is the key:

Each gateway also connects to the others using a "gateway overlay mesh."

They form peer-to-peer tunnels, exchanging their routing tables or using static routes.

βœ… Required:

  1. WireGuard peer config between gateways:

    • gateway-1 sees fd00::2000/64 via gateway-2

    • gateway-2 sees fd00::1000/64 via gateway-1

  2. Routing Table Updates:

    • Manually or via a BGP-over-WireGuard tool (e.g. Bird2, FRRouting), or even a simple ip route add.

  3. Agent A gets fd00::1001 Agent B gets fd00::2001

They can now ping each other securely across VPNs.

πŸ‘·β€β™‚οΈ Phase 3: Reliable Mesh

To grow:

  • Maintain a global route map in synet-root, listing:

    • Which gateway owns which subnet

    • Its public key + WireGuard endpoint

  • Gateways auto-peer by fetching that table

  • They validate each other via public keys

  • WireGuard mesh = bootstrapped automatically

(We'll need a synet-gateway-meshd helper service for this.)

πŸ” What Prevents IP Conflict?

  • Only synet-root can issue fixed/static IPs.

  • Gateways will reject invalid IP+signature combos.

  • Pool-based IPs can’t overlap β€” they’re assigned via delegated block per gateway.

πŸ“‘ Agent-to-Agent Packet Path

  1. Agent A (on Gateway-1) sends packet to fd00::2001

  2. Gateway-1 sees fd00::2000/64 belongs to Gateway-2

  3. Packet routed over WireGuard tunnel β†’ Gateway-2

  4. Gateway-2 forwards to Agent B

  5. Done β€” secure and peerless

βœ… Summary: What’s Needed

Task Status
Deploy synet-root βœ… Core of authority
Deploy at least 1 synet-gateway βœ… Assign dynamic IPs
Peer two gateways together πŸ” Manual or scripted tunnel config
Configure static routes between them βœ… Routing table
Run agents with WireGuard config βœ… Done by CLI or wg-quick
Build helper: synet-gateway-meshd πŸ”œ Automate peer mesh setup

Would you like me to sketch the YAML/IP layout of a real two-gateway network, so you can plug it into your infra or local dev box for testing?

Synthetism Foundation
No cookies, no ads, no traps.
Privacy
Constitution
Contact
Join