Discussion summary

Recent discussions highlight improvements in IPFS performance, especially in DHT lookup speeds, with some users noting sub-200ms times. Concerns remain about content deletion, security, and initial download difficulties.

What the discussion says

  • IPFS lookup times have improved significantly, now often under 200ms.
  • Some users still face issues with content deletion and security concerns.
  • Performance issues like slow initial downloads and stale records are acknowledged.
  • Ongoing development aims to enhance speed and reliability.
CID lookup is consistently <200ms from the EU.
throwaway8388
It's great to see improvements in DHT performance.
hannesfur

Comments

Hacker News

I'll add to the "is it still...?" questions.

Last I was told about it, there was no way to delete stuff from IPFS. Nothing enforceable, at least. Setting aside that public stuff is "impossible" to delete on the internet, there's something appealing to me about being able to shut off my server. Feels like that is less possible with IPFS hosted content.

Does anyone have some perspective for me about removing content?

by catapart

Imagine you created a torrent (and/or magnet link) with a file and then stopped seeding after some time. If it was popular it will probably live on, if not then eventually it disappears.

by deno

Are the defaults still leaking your whole internal and external IP allocations to the dHT still?

Its security posture was absolutely fucking gross the last time I reviewed it.

And of course, there's a shitcoin bolted on as well. Last thing I want to do is feed into FileCoin. Of course, everything new these days has some financial interaction crap bolted on to entice speculators and ilk.

by nekusar

Am I the only one who has never managed to get an IPFS file to successfully download?

by gumboshoes

Slightly tangential to the article, which seems interesting, but the main issue with IPFS was the horrendous performance of clients which I seem to recall related to having a refresh storms, sparse routing tables, unreachable peers as well as lookup speeds. Mostly the reputation was so bad that people didn't bother with it, I dismissed it for my own project. If your only users are crypto-grift projects you're in a bad place.

by davidwritesbugs

Did you ever try to keep files on a really good storage?

by hyp0thetical

Is it also possible to speed up lookup? I never used IPFS much as it took several minutes to find a cid.

by someonebaggy

Having worked on libp2p‘s DHT (Double Hashing for rust-libp2p) for a bit two years ago, it’s really great to see that there are improvements. To get to CDN level speeds though on dense networks, I still see it as an architectural flaw to not somehow encode network topology into the PeerID / identity in the DHT. A start would be to use the five RIRs. If you want to be more sophisticated, and I spent a lot of time theorising about this, you could have a dezentrally governed anycast IP address of Geo DNS to bootstrap new peers into their neighbourhood and couple that into their DHT identity. But do you want to put BGP into the hands of a decentralised system? Could you even do it in the governance structure of the internet?

Btw when we were working on our project HyveOS, we used Batman-advs routing table to quickly (really really quick) bootstrap new peers into the system.

Ah… sometimes i really miss working on this.

by hannesfur

We shouldn’t expect bodies and companies that benefit from centralization to give us crumbs. Remember IPv6 global multicast? ISPs killed that on sight.

We need to get encrypted mesh networking (Yggdrasil, CJDNS, FIPS etc) out there before it’s too late.

by yangm97

Is anyone still (or has anyone ever) used IPFS in production?

I’m not talking about technology demos such as Wikipedia-on-IPFS (which indeed worked and was impressive) but where IPFS is actually being relied on for some functionality.

by boramalper

the thing that prevented me using ipfs in anger.. (granted i may not have looked hard enough) was that i couldn't have stuff in ipfs, and access it via posix filesystem at he same time. i'd have to store things twice.

fine for publishing, but not for having a live data set that is both used and published at the same time, as you can do with torrent.

by phae

Back when I was working at a website builder, we used IPFS for distributing content between our serving clusters.

If also made the sites available on IPFS, but that was a secondary concern.

by bergie

the containerd stargz snapshotter has an IPFS integration so you can use IPFS instead of a traditional OCI registry to store your OCI containers

Not using it in production but i found it pretty cool to test

by preisschild

NFT artwork, if you count that. Briefly checked, the ones that were traded for the most were using IPFS rather than HTTP. But I also don't trust that these aren't self-wash sales (easy given the "NF" part), also NFTs are dumb.

by frollogaston

Yeah.. IPFS is a bit disappointement. I was a bit exceited about it back in the day. Recently, I wanted to download sth large from archive.org, I used torrent (and my legacy torrent client) and it worked like a charm!

It seems pure HTTP tracker + Torrent is good enough.

by Borg3

It doesn't seem like it's popular to put old game ROMs on IPFS...? And that surprises me...

by MattCruikshank

It's funny because even in Piracy, IPFS has never really taken off and that's a massive use case.

by pixel_popping

I use it for about 5 years, to publish javascript file (proxy auto-configuration) and serve the contents over different gateways.

It is a huge server traffic saver.

Used to use it to host different static websites on custom domains while Cloudflare's gateway was working, stopped using it for this purpose since its sunset in 2024.

Neocities used to publish their websites over IPFS, this feature got broken (for years) and finally got removed: https://github.com/neocities/neocities/issues/352

by ValdikSS

It's not literally IPFS but atproto/bluesky is using most of the bones of IPFS (IPLD) to do their entire data propagation and event broadcasting.

And tbh it shouldn't be terribly difficult to extend the existing infra to supporting a full IPFS based system but I don't think anybody has considered it worthwhile yet.

ATproto uses just the bits it immediately needs even if it could probably benefit from the other parts long term (ex for archival relay stream preservation).

by OneDeuxTriSeiGo

At meta, there was a project for delivering binaries of internally built libraries / binaries to dev laptops using a private ipfs network. This was live for at least some period of time.

by ydj

> Return control back to the user after most (not all) of the PUT RPCs have succeeded and continue with the remaining ones in the background.

Making things faster by doing less (and not the same) been speeding up computing since forever! Can't help but feel like it's slightly misleading to call the providing ("publishing") faster when it's not actually doing the same, it's just that most parts turned async instead of waiting for confirmation.

Wouldn't this lead to the problem where the user things everything been provided properly, but once others try to find it, the records haven't yet been published? As far as I understand, it'd still take mostly the same amount of time until the entire CID (not just some of them) are available to others, the only thing that got "faster" is the end-user UX of the one providing?

by embedding-shape

As far as I understand, the producer is publishing to the 20 nearest nodes it finds, but the consumer is also searching the 20 nearest nodes it finds, and there is quite a big safety margin built into that number 20. Almost all consumers should still be able to find your object once it has only published to 10 or 15.

This is a probabilistic system anyway. Even if publication finishes to 20 nodes, why is that enough to return to the caller? Shouldn't it be 30, or 50, just in case?

I'd say it makes sense to return control once zero PUTs have been made and do the whole thing in the background, to avoid serializing operations that usually don't need to be serialized, such as publishing multiple objects.

by pocksuppet

The "Early Return" sections describe it more, I don't think it's as bad as it sounds in that first bullet. They're returning after 15 out of 20 complete,and it sounds like even if only those 15 end up succeeding it'll still generally be fine. (Exactly how fine / is that violating some common expectations and will cause problems: I dunno. Not familiar enough with IPFS's internals)

That said:

>In practice, at least one of the 20 follow-up requests fails in the vast majority of operations, and a single unresponsive peer can stall the entire phase waiting for a timeout.

It continually surprises me how often systems lack a Fast Fallback-like strategy¹. Or at least sound like it. Just an absolute flood of apps and websites and systems that try to do something once and then never tried an alternate route until that finishes, something like a minute or two later... for a process that usually takes less than a second. It's maddening. By the time you're considering one to be "stalled" and delaying everything unnecessarily, you probably should've already started trying two or three alternate routes!

https://wikipedia.org/wiki/Happy_Eyeballs

by Groxx

Join the discussion

Write your take first — we'll ask for email only when you're ready to publish.

  • Hacker News
  • I'll add to the "is it still...?" questions.

    Last I was told about it, there was no way to delete stuff from IPFS. Nothing enforceable, at least. Setting aside that public stuff is "impossible" to delete on the internet, there's something appealing to me about being able to shut off my server. Feels like that is less possible with IPFS hosted content.

    Does anyone have some perspective for me about removing content?

    by catapart
  • Imagine you created a torrent (and/or magnet link) with a file and then stopped seeding after some time. If it was popular it will probably live on, if not then eventually it disappears.
    by deno
  • Are the defaults still leaking your whole internal and external IP allocations to the dHT still?

    Its security posture was absolutely fucking gross the last time I reviewed it.

    And of course, there's a shitcoin bolted on as well. Last thing I want to do is feed into FileCoin. Of course, everything new these days has some financial interaction crap bolted on to entice speculators and ilk.

    by nekusar
  • Am I the only one who has never managed to get an IPFS file to successfully download?
    by gumboshoes
  • Slightly tangential to the article, which seems interesting, but the main issue with IPFS was the horrendous performance of clients which I seem to recall related to having a refresh storms, sparse routing tables, unreachable peers as well as lookup speeds. Mostly the reputation was so bad that people didn't bother with it, I dismissed it for my own project. If your only users are crypto-grift projects you're in a bad place.
    by davidwritesbugs
  • Did you ever try to keep files on a really good storage?
    by hyp0thetical
  • Is it also possible to speed up lookup? I never used IPFS much as it took several minutes to find a cid.
    by someonebaggy
  • When’s the last time you tried? It must be much faster now. Check: https://probelab.io/ipfs/dht/#chart-ipfs-dht-lookup-performa...
    by yiannisbot
  • Actually, lookup is super fast - CID lookup is consistently <200ms from the EU [0]. The original slowness came mostly from stale records and NAT’d peers that were indexed in the DHT which has since been mostly resolved.

    [0] https://probelab.io/ipfs/dht/#chart-ipfs-dht-lookup-performa...

    by throwaway8388
  • Having worked on libp2p‘s DHT (Double Hashing for rust-libp2p) for a bit two years ago, it’s really great to see that there are improvements. To get to CDN level speeds though on dense networks, I still see it as an architectural flaw to not somehow encode network topology into the PeerID / identity in the DHT. A start would be to use the five RIRs. If you want to be more sophisticated, and I spent a lot of time theorising about this, you could have a dezentrally governed anycast IP address of Geo DNS to bootstrap new peers into their neighbourhood and couple that into their DHT identity. But do you want to put BGP into the hands of a decentralised system? Could you even do it in the governance structure of the internet?

    Btw when we were working on our project HyveOS, we used Batman-advs routing table to quickly (really really quick) bootstrap new peers into the system.

    Ah… sometimes i really miss working on this.

    by hannesfur
  • We shouldn’t expect bodies and companies that benefit from centralization to give us crumbs. Remember IPv6 global multicast? ISPs killed that on sight.

    We need to get encrypted mesh networking (Yggdrasil, CJDNS, FIPS etc) out there before it’s too late.

    by yangm97
  • Is anyone still (or has anyone ever) used IPFS in production?

    I’m not talking about technology demos such as Wikipedia-on-IPFS (which indeed worked and was impressive) but where IPFS is actually being relied on for some functionality.

    by boramalper
  • the thing that prevented me using ipfs in anger.. (granted i may not have looked hard enough) was that i couldn't have stuff in ipfs, and access it via posix filesystem at he same time. i'd have to store things twice.

    fine for publishing, but not for having a live data set that is both used and published at the same time, as you can do with torrent.

    by phae
  • Back when I was working at a website builder, we used IPFS for distributing content between our serving clusters.

    If also made the sites available on IPFS, but that was a secondary concern.

    by bergie
  • the containerd stargz snapshotter has an IPFS integration so you can use IPFS instead of a traditional OCI registry to store your OCI containers

    Not using it in production but i found it pretty cool to test

    by preisschild
  • NFT artwork, if you count that. Briefly checked, the ones that were traded for the most were using IPFS rather than HTTP. But I also don't trust that these aren't self-wash sales (easy given the "NF" part), also NFTs are dumb.
    by frollogaston
  • Yeah.. IPFS is a bit disappointement. I was a bit exceited about it back in the day. Recently, I wanted to download sth large from archive.org, I used torrent (and my legacy torrent client) and it worked like a charm!

    It seems pure HTTP tracker + Torrent is good enough.

    by Borg3
  • It doesn't seem like it's popular to put old game ROMs on IPFS...? And that surprises me...
    by MattCruikshank
  • It's funny because even in Piracy, IPFS has never really taken off and that's a massive use case.
    by pixel_popping
  • https://swap.cow.fi uses it for order metadata registering iirc
    by errpunktjose
  • I use it for about 5 years, to publish javascript file (proxy auto-configuration) and serve the contents over different gateways.

    It is a huge server traffic saver.

    Used to use it to host different static websites on custom domains while Cloudflare's gateway was working, stopped using it for this purpose since its sunset in 2024.

    Neocities used to publish their websites over IPFS, this feature got broken (for years) and finally got removed: https://github.com/neocities/neocities/issues/352

    by ValdikSS
  • It's not literally IPFS but atproto/bluesky is using most of the bones of IPFS (IPLD) to do their entire data propagation and event broadcasting.

    And tbh it shouldn't be terribly difficult to extend the existing infra to supporting a full IPFS based system but I don't think anybody has considered it worthwhile yet.

    ATproto uses just the bits it immediately needs even if it could probably benefit from the other parts long term (ex for archival relay stream preservation).

    by OneDeuxTriSeiGo
  • At meta, there was a project for delivering binaries of internally built libraries / binaries to dev laptops using a private ipfs network. This was live for at least some period of time.
    by ydj
  • > Return control back to the user after most (not all) of the PUT RPCs have succeeded and continue with the remaining ones in the background.

    Making things faster by doing less (and not the same) been speeding up computing since forever! Can't help but feel like it's slightly misleading to call the providing ("publishing") faster when it's not actually doing the same, it's just that most parts turned async instead of waiting for confirmation.

    Wouldn't this lead to the problem where the user things everything been provided properly, but once others try to find it, the records haven't yet been published? As far as I understand, it'd still take mostly the same amount of time until the entire CID (not just some of them) are available to others, the only thing that got "faster" is the end-user UX of the one providing?

    by embedding-shape
  • As far as I understand, the producer is publishing to the 20 nearest nodes it finds, but the consumer is also searching the 20 nearest nodes it finds, and there is quite a big safety margin built into that number 20. Almost all consumers should still be able to find your object once it has only published to 10 or 15.

    This is a probabilistic system anyway. Even if publication finishes to 20 nodes, why is that enough to return to the caller? Shouldn't it be 30, or 50, just in case?

    I'd say it makes sense to return control once zero PUTs have been made and do the whole thing in the background, to avoid serializing operations that usually don't need to be serialized, such as publishing multiple objects.

    by pocksuppet
  • The "Early Return" sections describe it more, I don't think it's as bad as it sounds in that first bullet. They're returning after 15 out of 20 complete,and it sounds like even if only those 15 end up succeeding it'll still generally be fine. (Exactly how fine / is that violating some common expectations and will cause problems: I dunno. Not familiar enough with IPFS's internals)

    That said:

    >In practice, at least one of the 20 follow-up requests fails in the vast majority of operations, and a single unresponsive peer can stall the entire phase waiting for a timeout.

    It continually surprises me how often systems lack a Fast Fallback-like strategy¹. Or at least sound like it. Just an absolute flood of apps and websites and systems that try to do something once and then never tried an alternate route until that finishes, something like a minute or two later... for a process that usually takes less than a second. It's maddening. By the time you're considering one to be "stalled" and delaying everything unnecessarily, you probably should've already started trying two or three alternate routes!

    https://wikipedia.org/wiki/Happy_Eyeballs

    by Groxx

Related stories