Mesh Networking 101
The mesh is an underlay for data sync within Ditto, operating independently of your queries and sync subscriptions. Data updates propagate through the mesh automatically, provided your sync subscriptions match.
Whether you have two devices or two thousand devices in your mesh, Ditto incorporates several algorithms to maintain an optimal mesh network at all times.
This article provides an overview of the very basics of Ditto's mesh technology, covering key topics such as:
- Communication transports like Bluetooth Low Energy (LE).
- The multiplexer that enables Ditto's rainbow connection.
- The flood-fill design pattern.
- Peer-to-peer authentication and access controls and permissions.
- Concurrency conflict-resolution strategies.
Upon initiating the sync process by invoking the startSync function from the top-most scope of your app, peers with the same app ID immediately form a mesh network using a mixture of communication transports, each with advantages and disadvantages. For example, Ditto prioritizes Wi-Fi for its high bandwidth and only falls back to Bluetooth LE when needed to take advantage of its longer-range capabilities.
Unlike typical home networks — which represent a star topology where all devices connect directly to a central router, switch, or access point — a peer-to-peer mesh network offers multiple pathways for communication.
Here's a quick video overview by Ditto's Network Transports Team Lead, Tom Karpiniec:
Ditto leverages an array of communication transports, supporting a variety of use cases and end-user devices. Communication transports are networking protocols that facilitate data transmission across different environments. For instance, using the local area network (LAN) transport for data movement in an office-like setting.
Which transports Ditto supports depends on what kind of device or Small Peer SDK you are using, for example:
- A mobile phone can use Bluetooth LE, LAN, Wi-Fi Direct, and WebSocket.
- A web app running in a browser can use WebSocket.
- A Raspberry Pi can use Bluetooth LE, LAN, and WebSocket.
While many transports are set up automatically, others, such as WebSocket, if configured with the Big Peer, require that you manually configure them in your app.
In addition to peer-to-peer transports like Bluetooth LE, you can opt to connect to a decentralized cloud deployment, which you configure by simply specifying its URL. This decentralized cloud deployment is called the Big Peer, while regular SDKs are Small Peers.
Many apps need to sync data with the Big Peer, connecting your data in your mesh network with other systems running centrally in the cloud. The Ditto SDK uses peer-to-peer and Big Peer connections simultaneously, turning your mesh global. This is as easy as setting your server's URL.
Big Peers are especially important for those who want to use Ditto in a web browser since web browsers have very limited peer-to-peer capabilities — you can configure the JavaScript SDK with the Big Peer and sync.
An SDK can sync in any of the following ways:
- Directly with a Big Peer
- Locally with Small Peers
- With both at the same time, acting as a bridge for devices without internet access.
For more on Big Peer, see: Cloud Platform Overview
Ditto utilizes both traditional Wi-Fi and Bluetooth Low Energy (LE) to maintain a continuous mesh network of Transmission Control Protocol (TCP) connections.
Bluetooth LE technology forms low-powered and high-distance connections between devices, making it highly performant in offline scenarios when replicating small amounts of data.
In the event of a Wi-Fi network disruption, such as a router getting disconnected, Ditto does not automatically switch transports to establish an independent Bluetooth LE connection as a fallback.
Instead, Ditto actively works to maintain the previously established Wi-Fi and Bluetooth LE connections.
The following visual overview illustrates how Ditto uses Bluetooth LE to form low-powered, high-distance connections between peer devices.
The distances and bandwidth limitations and capacities illustrated in the video are approximations and vary depending on the Bluetooth® firmware installed on the device.
Available to most devices, standard peer-to-peer Wi-Fi enables direct, point-to-point connections between peers without requiring traditional network infrastructure like a centralized server, router, or access point.
In addition to standard peer-to-peer Wi-Fi, Ditto incorporates a customized multiplexer to increase frequency, speed, and efficiency of data transmission between peers participating in the mesh.
The following table provides an overview of the Wi-Fi technologies Ditto supports:
Platform | Ditto-Supported Technology |
---|---|
Apple | Apple Wireless Direct Link (AWDL) |
Android | Wi-Fi Aware |
The following video illustrates Ditto’s sophisticated and decentralized approach to peer-to-peer Wi-Fi connections between distributed peers connected in the mesh network:
The maximum distance of a connection can vary depending on the specific peer-to-peer transport type being used.
When devices are connected over the same Wi-Fi access point or through other means like an Ethernet cable, they can take advantage of a local area network (LAN), if available, to communicate directly with each other without requiring internet access.
A LAN is an interconnected network made up of devices that are physically near each other, such as a home, enterprise, or college campus.
Peers use WebSocket connections to enable realtime, bidirectional sync between Small Peers and the optional cloud deployment, the Big Peer.
Before you can establish a connection with the Big Peer using a WebSocket, you need to specify an IP/PORT. (See Customizing Transports Configurations)
The defining attributes of a WebSocket include:
- Requires an internet connection to establish peer-to-peer communication.
- Unlike the other peer-to-peer transport types, does not automatically discover other peers physically nearby.
- WebSocket connections can be made over a Transmission Control Protocol (TCP) or Local Area Network (LAN).
Ditto incorporates a multiplexer inside the peer-to-peer mesh network to facilitate data sync.
Developed by Ditto, the multiplexer is an intelligent sync machine that seamlessly switches between active transport types as needed, without duplicating data.
In addition, the multiplexer breaks down data packets into small fragments and then, once received on the other side, reassembles them.
When the transports collaborate in parallel and the multiplexer automatically switches between them to establish the most optimal connection, these diverse transport types collectively form what is known as the rainbow connection — each color of the rainbow symbolizes a different transport type:
When all peers connected in the mesh need to share the same view of the data, Ditto initiates the flood-fill process to multihop data from one connected peer to another connected peer by way of intermediate “hops” along a given path.
Flood fill, or flooding for short, is a common pattern in a mesh network topology for enhancing efficiency and reliability by ensuring data propagates across connected peers efficiently and reliably, regardless of their queries.
When flooding the mesh, data moves from one connected peer to another through intermediate "hops" along a defined path.
For example, imagine a daisy chain from point A to point B, as illustrated in the graphic on the right.
The benefits of flooding the mesh include:
- Guaranteeing a consistent offline-first sync of critical data, ensuring data remains consistent even when connectivity is intermittent.
- Improving the overall responsiveness of your app, leading to faster interactions.
- Reducing costs by optimizing data operations since, when feasible, you can read and write data to a nearby peer instead of traversing a very fragile, low‑bandwidth data source.
For the multihop communication process to succeed, every peer within the chain, or connecting group, must meet the following preconditions:
- Share the same subscription
- Accessible through the transport mechanism
For example, if peers A, B, and C in the following graphic are subscribed to the same query, changes are synchronized across them, meaning all peers in the chain are aware of the same dataset:
Independent of the internet, Ditto syncs data among peers by establishing sessions and forming a mesh network using all available network transports on a device. In this process, discovered peers create a presence graph by advertising and forming connections.
For more information, see Presence Operations and Using Mesh Presence.
Much like a conventional city map with roads, the presence graph is like a guide for peers, helping them determine the shortest and fastest paths to route updates from point A to B.
If an intermediate peer becomes unavailable, the presence graph facilitates route updates, ensuring continuous connectivity similar to navigation apps like Google Maps. This flexibility allows the multihop links, established during the flood-fill process, to adapt as devices join and leave the mesh network.
Represented by different colors in the following graphic, available transports establish multiple active connections simultaneously within the mesh:
Ditto's security relies on digital identities for peer-to-peer authentication and access control permissions.
Before participating in a mesh and exchanging data with nearby peers, each instance of Ditto running in your app must connect to the internet at least once to establish the necessary infrastructure within the Big Peer, including generating the access credentials required to participate in the mesh and sync offline.
Ditto ensures the security of each connection — unlike Bluetooth Low Energy (LE), which lacks native security measures, Ditto provides each end-user device participating in the mesh with certificates signed by a root certificate identifying connecting devices.
In addition, all connections between peers participating in the mesh are encrypted using Transport Layer Security (TLS) version 1.3. (See the official Transport Layer Security Wikipedia article)
Approval for NSA-level encryption through collaboration with the military is in progress and is expected to be available later this year. For more information, contact Ditto. (See Contact Us)
Each instance of Ditto running in your app is assigned a random universally unique identifier (UUID). This string of alphanumeric characters uniquely identifies your app across the Ditto platform and other integrated systems and environments, including:
- Change Data Capture (CDC) in Apache Kafka, third-party databases, business intelligence tools like Microsoft BI, and so on.
- Big Peer, to establish necessary infrastructure. For instance, the Big Peer uses your app ID to identify your app before issuing your access credentials.
Using Ditto's onlinePlayground identity, you can sync with other peers who share the same app ID and read and write to collections without the hassle of setting up your own authentication.
A challenge arises in offline scenarios when two or more peers make edits independently and the data values stored by each peer diverge over time.
Referred to as conflict resolution, Ditto's process of addressing concurrency conflicts involves a combination of a metadata database and guiding principles, as follows.
Each peer individually maintains its own metadata database. The metadata database serves as a storage repository of information essential in resolving conflicts that arise when merging concurrent changes.
Within this metadata database is the version vector. The version vector manages the following essential details for a particular peer:
- The current state of sync.
- A record of the data previously sent and received.
- The sequence of updates.
- The timestamp of last write operation.
Ditto adheres to the following strategies to ensure that all peers ultimately reach the same value for a particular data item:
- Deterministic — As part of the strategy of eventual consistency, regardless of the order in which updates from different peers are received and merged, all peers ultimately converge to the same single value.
- Predictable and Meaningful — Instead of arbitrarily resolving conflicting registers to a predefined value, the resulting merge accurately represents the original input and some rational interpretation of that input.
The multiple replicas that result from a single partition are spread across virtual and relevant physical server nodes; that is, the Big Peer cloud deployment and local Ditto stores of subscribing Small Peers.
By default, Ditto does not automatically replicate data to peers. Instead, peers subscribe to changes and, using a query that you've defined, indicate the data they're interested in watching for changes. Once a change is observed somewhere in the mesh, only the delta matching your query replicates to other subscribing peers.
In simpler terms, sync involves a subscribing peer selectively "pulling" data from other peers, rather than remote peers automatically "pushing" data to it.
Partitioning and replication are central to ensuring rapid and dependable data access for your end users. With Ditto's query subscription system, devices are able to sync both Ditto document and attachment objects efficiently and intelligently.
For a direct explanation of the query subscription system that controls Ditto's data sync service, watch the following video on the functionality of subscriptions. In this video, the tech lead of Ditto's replication team discusses the synchronization process between two peers — one with an empty document set and the other with seven billion documents:
The Ditto SDK features a configuration structure called TransportConfig, which is stored within the main Ditto object. By default, if you don't make any changes to this configuration, Ditto will automatically enable all available peer-to-peer transports.
If you create a new TransportConfig, it has three main sections:
- peerToPeer
- connect
- listen
Most apps only require configuring the peerToPeer and WebSocket settings. For instructions, see Customizing Transports Configurations.
Use the listen parameters designated for scenarios, like web browser clients operating on fully offline networks, only when explicitly instructed by Ditto support.
Misconfiguring these listener features may bypass Ditto's standard encryption and access control mechanisms, leading to potential security vulnerabilities.