[ih] Overlay networks

Jack Haverty jack at 3kitty.org
Wed Aug 20 16:23:04 PDT 2025 

In the 1970s era of ARPANET, a device called a PLI (Private Line 
Interface) was available, as described in an appendix to BBN 1822, which 
defined the interface specs for the ARPANET IMP-Host connection.  The 
PLI established a "red" (secure) set of hosts that could communicate, 
overlaid on top of the "black" ARPANET.   In effect, the "red" network 
of secure hosts was built on top of the "black" one.  It provided 
similar functionality to today's VPNs.

That architecture continued with the advent of TCP, using similar 
approaches to create a "red" Internet built on top of the "black" 
Internet which was growing rapidly in the late 1970s.

In order to test out that architecture - an Internet built on top of a 
separate Internet - we added a new type of network support to the 
gateway software.  In addition to ARPANET, SATNET, WBNET, and others, 
gateways could then exchange datagrams through a "lower level" 
Internet.  The "higher" Internet was built on top of the "lower" 
Internet.  Tried it.  Worked fine.

This was of course very difficult to shoehorn into the OSI 7-layer 
architecture.

At roughly the same time (1980ish), the "core gateways" were modified to 
enable the use of X.25 connections between gateways. Effectively, the 
entire public X.25 network was now able to be used to interconnect 
gateways in the Internet.  A gateway at BBN (Cambridge,MA) and a gateway 
in the UK were both modified to use the public X.25 network for 
interconnection across the Atlantic.  This provided a second "alternate 
path" between the US and Europe for The Internet.

We probably could have also defined a way for host computers to 
interface to a gateway through the "LAN" of the X.25 public net, but we 
didn't need to do that at the time.  I also don't recall that there were 
any TCP implementations available that knew how to interact with an X.25 
network.   Interconnecting just gateways over the X.25 world provided 
the needed redundant connectivity between the US and Europe.

At roughly the same time, someone (may have actually been me) noted that 
a circuit, i.e., a wire, was effectively a very simple type of network, 
with just two addresses - "this end" and "that end".  Such a network 
didn't even need a "local header" at all.  What you sent in this end 
came out that end.   Usually.

Another "network type" was added to the core gateways, enabling them to 
interact over a simple circuit.  We actually tested that by unplugging 
two gateways in a lab that had been connected to an IMP, and 
reconnecting them with a simple wire.  Worked fine.  The Internet didn't 
care what kind of network you used, as long as it could carry 
datagrams.   It might even be one that used carrier pigeons.

I think of the advent of "wire networks" as the point where The Internet 
actually became a Network of its own type.  Other networks were no 
longer required as the way to interconnect gateways.  Wires were good 
enough.  I suspect that now, almost a half-century later, most gateways 
(routers) are interconnected by circuits (wires, or probably now fiber) 
for long-distance connections.

The Internet architecture is definitely highly recursive.  But with such 
complexity other issues arise, especially in the context of network 
operations - how to do fault isolation, figure out what's wrong, gather 
operations data, fix problems, etc.

Jack Haverty


On 8/20/25 13:53, Brian E Carpenter via Internet-history wrote:
> On 21-Aug-25 01:57, Joe Touch via Internet-history wrote:
> ...
>
>> So overlays go back over 20yrs as an active area of investigation 
>> before the ones you found. Anyone know of earlier that explicitly 
>> layered a net on a working net? (Vs ones that arguably to this with 
>> different layers, as with bang-path routing of email in the 1980s)
>
> As you say, the model is recursive. At CERN in the late 1980s we 
> layered bridged Ethernet over CERNET (the in-house packet switching 
> network) and layered TCP/IP, DECnet, and probably more on top of that. 
> In the early 1980s, I personally layered a primitive version of 
> OSI/CLNP directly over another rather obscure in-house packet 
> switching network. This was just the obvious thing to do.
>
> Regards/Ngā mihi
>    Brian Carpenter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://elists.isoc.org/pipermail/internet-history/attachments/20250820/a82c07ea/attachment.asc>

More information about the Internet-history mailing list