While there's good reason to be concerned about the safety of the infrastructure, we're not at the point where we should be aiming to improve on it. And right now, every waystone is a dharbomb waiting to happen, the beastmen have anti-waystones, and Sylvania doesn't have anything except dhar puddles. And until the polar gates get fixed (now there's a goal for Mathilde), there will always be winds and dhar. As with any security, the defense is at a disadvantage, because the attacker only needs to find one weakness.
Ultimately, the answer is two-fold: Redundancy, and monitoring. First, you don't rely on just one system, even if it's super well defended, because everything can be broken. This was the mistake of Nekhara1. So you have river leylines, and the existing standard leylines. And you have more than one way of getting magic into/out of the river or the waystone. Second, you monitor the system, so that if something breaks, or gets broken, you can switch to another method until repairs can be done. Basically, the idea is to limit the damage when something breaks and buy the time needed for repairs, combined with actively checking for damages. The elven waystones actually do both of these, in that there's multiple connections leading to the Vortex2 and central monitoring agent, which is way the network is still ticking along after millenia of sub-par maintenance and active efforts to destroy it. It's not perfect, since they have only one final output in the Vortex, but the Ulthuan elves probably don't much care because it won't be their problem anymore if the Vortex is gone3.
A useful idea here is N+k redundancy4. You need N components to ensure proper operation, and you want to be able to handle k simultaneous failures, so you actually use N+k. Crucially, this applies recursively at different levels. A complete failure at a lower level means the failure of one node at the next higher level. An example:
You require 6 tributaries to keep a region clean. Tributaries don't get attacked much, so you only 1 more, since they can get damaged just by natural disasters and because you don't want to check often. That's the lowest level, the setup for one waystone, and in some regions you may adjust the minimum number of tributaries or the slack.
Then one level up, the nexus as the central point. Since waystones can link to waystones, this is a little more complicated, because you have to decide how they link up. If you can form a network with multiple in and outflows (IIRC, you can't actually), you need to decide how many are requried for minimum operation, and how many slack connections are requird. If you can only have chains, you need to decide how many chains, and if you want to interweave them so that one chain chan compensate for the failure of another (and if it's possible at all). If you can't actually have multiple active waystone in the same region, you may decide to have a (or multiple!) switched off set ready to take things on 5.
And then one more level up, you have the vortex as the central point, with nexi now taking the role of waystones. How many simultaneous failures do you expect? You should be able to rerout so that you the remaining ones can still reach the vortex. This is a region where there's definite concerns, because there's serveral potential bottlenecks.
And finally, you could have multiple parallel networks. That sort of exists locally sometimes a little, but not really. Some sections of the network are somewhat independant, but they probably all rely on the Vortex.
The critical point of course is cost. Having a huge slack capacity is expensive. We will not be building a second network. Building a new nexus is plausible in the future, but would likely be a significant effort. Building a few waystones here and there to even things out is easily doable, doing it everywhere is major project again. Same for the tributaries. If we wanted to up the slack everywhere, it would be the work of decades.
Technology is another factor in the consideration. For example, the storage capacity of the foundation will dictate how many tributaries you can reasobably connect to it, and how many connections are required. The more buffer you have, the smaller the required slack, because you can ride out temporary failures. And of course, the quicker your response time, the less buffer capacity is required. You'd estimate you're slack as something like the failure rate times the repair time6.
All the above was about damage to the connected system, pretty much like connectivity in a power grid. Of course, you also have usage. A storm of magic will put vastly more stress on your system, and you need to decide how to handle that8. It's mostly a matter of setting you're minimum specs, and how much above "normal" you're aiming. And that's a matter of how frequent storms are, and how much you can tolerate an "overloaded" state, since the magic will mostly just be there, but you probably want your cities cleaner than some desert part with nothing in it.
And finally, from an adverserial security perspective, you have some more considerations: Do you want one approach/technology which is highly secure, or several less secure technolgies. The first reduces the chance of someone breaking in, but if it does happen you're proper fucked9. Or do you use mutliple approaches, which each require a different way to break, thereby risking more frequent damage but reducing the scope? Personnally, I'd generally recommend the second10. You can recover from damage, you cannot recover from annhilation.
1That, and getting targeted by Nagash. At some point, you're just overmatched. If you're a normal business getting targeted by the NASA or China, you're pretty much getting broken in. Security does still help by making you a less appealing target (so they might go for someone else), and by having a chance at damage mitigation.
2Though ideally, you'd have mutliple outflows at each waystone. That might now have been feasible given the underlying architecture, or it might have been too expensive, or they did have it and degradation over time just saw those destroyed or moved to fix up holes.
3This is something we might actually be able to improve upon, though handling dhar would be a huge challenge. But at least normal magic seems to be used up by both the dwarfs and Kiselv.
4Or N-1 safety, which are basically the same idea, just different fields. N-1 I think is more a power grid thing.
5 though that also depends on your technical capabilities, I don't remember if tributaries can be switched off.
6which includes detection, and repair can be as simple as rerouting. Well, you'd look at the different failure modes, and estimate seperately (stone is damaged, connection is damaged, connection has already been rerouted and now a new failure occurs), but that's below the abstraction 7.
7Not that most of this discussion isn't anyway.
8There's also the waxing and waning of the flow between chaos invasions. And of course, Kislev will want and need more outflow capacity than Araby.
9Again, Nagash
10Obviously, adding a dhar dispenser with a labled button is not a good idea, as an extreme case of a very unsecure system. But the rivers actually have a lot of inbuilt safety features, arguably more than waystones.
Ultimately, the answer is two-fold: Redundancy, and monitoring. First, you don't rely on just one system, even if it's super well defended, because everything can be broken. This was the mistake of Nekhara1. So you have river leylines, and the existing standard leylines. And you have more than one way of getting magic into/out of the river or the waystone. Second, you monitor the system, so that if something breaks, or gets broken, you can switch to another method until repairs can be done. Basically, the idea is to limit the damage when something breaks and buy the time needed for repairs, combined with actively checking for damages. The elven waystones actually do both of these, in that there's multiple connections leading to the Vortex2 and central monitoring agent, which is way the network is still ticking along after millenia of sub-par maintenance and active efforts to destroy it. It's not perfect, since they have only one final output in the Vortex, but the Ulthuan elves probably don't much care because it won't be their problem anymore if the Vortex is gone3.
A useful idea here is N+k redundancy4. You need N components to ensure proper operation, and you want to be able to handle k simultaneous failures, so you actually use N+k. Crucially, this applies recursively at different levels. A complete failure at a lower level means the failure of one node at the next higher level. An example:
You require 6 tributaries to keep a region clean. Tributaries don't get attacked much, so you only 1 more, since they can get damaged just by natural disasters and because you don't want to check often. That's the lowest level, the setup for one waystone, and in some regions you may adjust the minimum number of tributaries or the slack.
Then one level up, the nexus as the central point. Since waystones can link to waystones, this is a little more complicated, because you have to decide how they link up. If you can form a network with multiple in and outflows (IIRC, you can't actually), you need to decide how many are requried for minimum operation, and how many slack connections are requird. If you can only have chains, you need to decide how many chains, and if you want to interweave them so that one chain chan compensate for the failure of another (and if it's possible at all). If you can't actually have multiple active waystone in the same region, you may decide to have a (or multiple!) switched off set ready to take things on 5.
And then one more level up, you have the vortex as the central point, with nexi now taking the role of waystones. How many simultaneous failures do you expect? You should be able to rerout so that you the remaining ones can still reach the vortex. This is a region where there's definite concerns, because there's serveral potential bottlenecks.
And finally, you could have multiple parallel networks. That sort of exists locally sometimes a little, but not really. Some sections of the network are somewhat independant, but they probably all rely on the Vortex.
The critical point of course is cost. Having a huge slack capacity is expensive. We will not be building a second network. Building a new nexus is plausible in the future, but would likely be a significant effort. Building a few waystones here and there to even things out is easily doable, doing it everywhere is major project again. Same for the tributaries. If we wanted to up the slack everywhere, it would be the work of decades.
Technology is another factor in the consideration. For example, the storage capacity of the foundation will dictate how many tributaries you can reasobably connect to it, and how many connections are required. The more buffer you have, the smaller the required slack, because you can ride out temporary failures. And of course, the quicker your response time, the less buffer capacity is required. You'd estimate you're slack as something like the failure rate times the repair time6.
All the above was about damage to the connected system, pretty much like connectivity in a power grid. Of course, you also have usage. A storm of magic will put vastly more stress on your system, and you need to decide how to handle that8. It's mostly a matter of setting you're minimum specs, and how much above "normal" you're aiming. And that's a matter of how frequent storms are, and how much you can tolerate an "overloaded" state, since the magic will mostly just be there, but you probably want your cities cleaner than some desert part with nothing in it.
And finally, from an adverserial security perspective, you have some more considerations: Do you want one approach/technology which is highly secure, or several less secure technolgies. The first reduces the chance of someone breaking in, but if it does happen you're proper fucked9. Or do you use mutliple approaches, which each require a different way to break, thereby risking more frequent damage but reducing the scope? Personnally, I'd generally recommend the second10. You can recover from damage, you cannot recover from annhilation.
1That, and getting targeted by Nagash. At some point, you're just overmatched. If you're a normal business getting targeted by the NASA or China, you're pretty much getting broken in. Security does still help by making you a less appealing target (so they might go for someone else), and by having a chance at damage mitigation.
2Though ideally, you'd have mutliple outflows at each waystone. That might now have been feasible given the underlying architecture, or it might have been too expensive, or they did have it and degradation over time just saw those destroyed or moved to fix up holes.
3This is something we might actually be able to improve upon, though handling dhar would be a huge challenge. But at least normal magic seems to be used up by both the dwarfs and Kiselv.
4Or N-1 safety, which are basically the same idea, just different fields. N-1 I think is more a power grid thing.
5 though that also depends on your technical capabilities, I don't remember if tributaries can be switched off.
6which includes detection, and repair can be as simple as rerouting. Well, you'd look at the different failure modes, and estimate seperately (stone is damaged, connection is damaged, connection has already been rerouted and now a new failure occurs), but that's below the abstraction 7.
7Not that most of this discussion isn't anyway.
8There's also the waxing and waning of the flow between chaos invasions. And of course, Kislev will want and need more outflow capacity than Araby.
9Again, Nagash
10Obviously, adding a dhar dispenser with a labled button is not a good idea, as an extreme case of a very unsecure system. But the rivers actually have a lot of inbuilt safety features, arguably more than waystones.
Last edited:
