hrogge at googlemail.com
Thu Apr 22 19:09:56 UTC 2010
Am Donnerstag 22 April 2010 20:47:24 schrieb Dave Taht:
> I concur about secure BGP's limitations. It's what I meant by "halfway
> decent". As for OSPFv3 + IPsec + IPv6, it's actually, well, not
> horrible. I had never heard of anyone getting it to work before today,
IPv6 and IPsec should be "fun"... IPsec, IPv6 and multicast is 'the holy
grail' (does not work on linux according to my knowlegde).
The problem is that securing a routing protocol you need to authenticate the
propagation of the topology/distance information through the whole net. IPsec
cannot really do this.
1) You can't win.
2) You can't break even.
3) You can't leave the game.
— The Laws of Thermodynamics, summarized
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Babel-users