[Babel-users] babeld-2.0

Dave Taht d at teklibre.org
Thu Apr 22 19:35:49 UTC 2010


On 04/22/2010 01:09 PM, Henning Rogge wrote:
> Am Donnerstag 22 April 2010 20:47:24 schrieb Dave Taht:
>    
>> I concur about secure BGP's limitations. It's what I meant by "halfway
>> decent". As for OSPFv3 + IPsec + IPv6, it's actually, well, not
>> horrible. I had never heard of anyone getting it to work before today,
>> actually.
>>      
> IPv6 and IPsec should be "fun"... IPsec, IPv6 and multicast is 'the holy
> grail' (does not work on linux according to my knowlegde).
>    

I achieved 2/3s of that holy grail 2 years ago, on an olpc and several 
ubuntu. See:

http://the-edge.blogspot.com/2008/03/ipsec-over-ipv6-for-olpc.html

Unfortunately I never wrote down precisely what I did.

I've been fiddling with multicast ever since...

> The problem is that securing a routing protocol you need to authenticate the
> propagation of the topology/distance information through the whole net. IPsec
> cannot really do this.
>
>    
Yes, I agree ipsec can't do this, or at least, only a part, which is 
more or less why I tried to point people at uftp and ntp4's autokey in 
my first message on this topic.
> Henning
>
>    




More information about the Babel-users mailing list