[hipl-dev] [Branch ~hipl-core/hipl/opp-removal] Rev 5294: remove reference to opportunistic mode in manual
- From: noreply@xxxxxxxxxxxxx
- To: HIPL core team <hipl-dev@xxxxxxxxxxxxx>
- Date: Mon, 10 Jan 2011 18:29:30 -0000
------------------------------------------------------------
revno: 5294
committer: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx>
branch nick: opp-removal
timestamp: Mon 2011-01-10 19:26:29 +0100
message:
remove reference to opportunistic mode in manual
modified:
doc/HOWTO.xml.in
--
lp:~hipl-core/hipl/opp-removal
https://code.launchpad.net/~hipl-core/hipl/opp-removal
Your team HIPL core team is subscribed to branch lp:~hipl-core/hipl/opp-removal.
To unsubscribe from this branch go to
https://code.launchpad.net/~hipl-core/hipl/opp-removal/+edit-subscription
=== modified file 'doc/HOWTO.xml.in'
--- doc/HOWTO.xml.in 2011-01-06 19:50:27 +0000
+++ doc/HOWTO.xml.in 2011-01-10 18:26:29 +0000
@@ -1056,29 +1056,7 @@
hipconf command also to @sysconfdir@/hipd_config and restart hipd.
</para>
</section>
- <section id="sec_advanced_methods">
- <title>Experimental Methods</title>
- <para>
- These methods are experimental. Use with care and only if you know
what you are doing!
- </para>
- <para>
- 1. Use the opportunistic mode as described in
- <xref linkend="opportunistic" />. This method works with both IPv4 and
- IPv6 applications. It does not require any HIP name configuration at
all.
- </para>
- <para>
- 1a. Running a single IPv6-enabled application using HIP:
<emphasis>hipconf run opp <EXECUTABLE></emphasis>
- </para>
- <para>
- 1b. Enabling HIP for all applications in bash shell (add to bashrc if
you want to set this permanently): <emphasis>export
LD_PRELOAD=libopphip.so:libhiptool.so</emphasis>
- </para>
- <para>
- 2. Use the system-based opportunistic mode as instructed in
- <xref linkend="sys_based_opp_mode" />. Does not require either
- any kind of HIP name configuration at all.
- </para>
- </section>
-
+
<section id="ch_tips_for_hip">
<title>Tips for Using HIP with Some Applications</title>
<section id="sec_using_hip_proxy">
@@ -2796,249 +2774,6 @@
<chapter id="ch_exp_extensions">
<title>Other Experimental HIP Extensions</title>
- <section id="opportunistic">
- <title>Using Opportunistic mode</title>
- <itemizedlist>
- <listitem><para>
- Opportunistic mode has two benefits. First, you don't have to know
- the HIT of the peer. This is makes HIP more suitable to "ad-hoc"
- environments where preconfiguration of HITs is difficult. Second, the
- opp. mode implementation allows the use of IPv4 addresses at the
- application. This way, even IPv4-only legacy applications can benefit
- from the security and mobility features of HIP.
- </para></listitem>
- <listitem><para>
- Opportunistic mode is compiled on by default. In order to use
Opportunistic mode enabled HIP, the following steps are needed:
- </para></listitem>
- <listitem><para>
- Move to top level of HIPL
- </para></listitem>
- <listitem><para>
- e.g. cd hipl
- </para></listitem>
- <listitem><para>
- Run autoreconf
- </para></listitem>
- <listitem><para>
- autoreconf --install
- </para></listitem>
- <listitem><para>
- Run configure
- </para></listitem>
- <listitem><para>
- ./configure
- </para></listitem>
- <listitem><para>
- Run make
- </para></listitem>
- <listitem><para>
- make
- </para></listitem>
- <listitem><para>
- Run make install
- </para></listitem>
- <listitem><para>
- make install
- </para></listitem>
- <listitem><para>
- Run hip daemon on both "crash" and "oops"
- </para></listitem>
- <listitem><para>
- hipd
- </para></listitem>
- <listitem><para>
- Use the hipconf tool to set up HIP Opportunistic mode on both
- hosts manually. "hipconf set opp on|off" is used to
- enable/disable opportunistic mode. By default it is on.
- </para></listitem>
- <listitem><para>
- Now the opportunistic mode is enabled. To test Opportunistic mode,
you need to remove crash's HITs and name from @sysconfdir@/hosts, and then
following the steps in <xref linkend="ch_basictest" />.
- </para></listitem>
- </itemizedlist>
-
- <para>
- HIPL supports also opportunistic mode that is uses TCP options to
- detect whether peer supports HIP or not. This is particularly
- useful in networking environments without HIP look up
- infrastructure (DNS/etc) and where the number of HIP hosts
- is small. This "advanced" version of the opportunistic mode
- enables fast and backwards compatible fallback to non-HIP
- communications for TCP connections when the peer does not support
- HIP. To use the opportunistic mode, start both the hipd and hipfw (e.g.
with option -A).
- Then instruct "hipconf set opp advanced" and use the opportunistic mode as
instructed
- earlier in this section.
-</para>
-
- <section id="efficient_HIP_detection">
- <title>Opportunistic mode with efficient detection of peer HIP
capability</title>
- <para>
- The normal HIP opportunistic mode experiences a delay when
- a HIP peer tries to communicate with a non-HIP peer. This happens
- because the initiator waits for a HIP response before falling
- back on normal TCP communication. The efficient detection of
- peer HIP capability enables us to detect peer HIP capability or
- the lack thereof. If we detect that the peer supports HIP, we
- continue the HIP opportunistic communication. Otherwise,
- communication falls back on plain TCP. Efficient detection of
- peer HIP capability is enabled with the second of the following
- commands.
- </para>
- <para>
- As an example, we run the HIP daemon first.
- </para>
- <para>
- 1. hipd
- </para>
- <para>
- Afterwards, we run the firewall as shown in the following command. The
- firewall is needed in case the peer does not support HIP, because it
- captures the incoming TCP SYN_ACK packet and notifies the HIPD of the
- lack of HIP support at the peer:
- </para>
- <para>
- 2. hipfw -dA
- </para>
- <para>
- Then, we enable efficient, undelayed detection of peer HIP
- capability with the following command:
- </para>
- <para>
- 3. hipconf set opp advanced
- </para>
- <para>
- To try the feature, we initiate a TCP connection using the HIP
- opportunistic library:
- </para>
- <para>
- 4. hipconf run opp wget IP-number
- </para>
- <para>
- One thing to stress here is that the receiver should also run the
- firewall and enable the efficient HIP opportunistic mode in order
- to be ensure being detected correctly. If this feature is not enabled
- at the receiver, correct detection depends on the relative latency of a
- TCP and a HIP packet.
- </para>
- <para>
- The enabling at the receiver is done by executing step 2 after
- the HIP daemon has started.
- </para>
- </section>
-
- <section id="sys_based_opp_mode">
- <title>System-based opportunistic mode (experimental)</title>
- <para>
- The system-based opportunistic mode enables HIP communication
- without the use of the opportunistic library. If the peer does
- not support HIP, communication falls back on normal TCP
- communication.
- </para>
- <para>
- The system-based opportunistic mode is implemented at the HIP
- firewall. It is enabled with the -o option as shown below:
- </para>
- <para>
- hipfw -dAo
- </para>
- <para>
- Following is an example of all the steps to be followed at two peers
- for using the system-based opportunistic mode between them.
- </para>
- <para>
- At the responder, one can execute these steps:
- </para>
- <para>
- 1. hipd
- </para>
- <para>
- 2. hipfw -Aod
- </para>
- <para>
- 3. nc -l 1111
- </para>
- <para>
- At the initiator, one can execute these steps:
- </para>
- <para>
- 1. hipd
- </para>
- <para>
- 2. hipfw -dAo
- </para>
- <para>
- 3. nc <responder-ip> 1111
- </para>
- </section>
-
-<!--
- <section>
-
- <title>Accessing the kernel peer list</title>
- <itemizedlist>
- <listitem>
- <para>You can access the kernel's list of known HIP peers using the
native
- getendpointinfo name resolution interface.</para>
- </listitem>
- <listitem>
- <para>By default, the interface first checks the @sysconfdir@/hosts
file for
- a matching host. If one is not found, the kernel is queried for its
- list of known HIP peers and the list is examined for matches.</para>
- </listitem>
- <listitem>
- <para>To only check the kernel list, set the hints.ei_flags to
- AI_HIP | AI_KERNEL_LIST. This will use only the kernel list and will
- not check the hosts file.</para>
- </listitem>
- <listitem>
- <para>To retrieve the list of known peers from the kernel, set the
- hints.ei_flags to AI_HIP | AI_KERNEL_LIST and the nodename to NULL.
- This will query the kernel for the list and return the entire
- list.</para>
- </listitem>
- </itemizedlist>
- </section>
--->
-
-
- <section id="ch_datapacket_mode">
- <title>Data packet mode (experimental)</title>
-
- <para>
- HIPL supports the extensions defined in
- <ulink url="http://tools.ietf.org/html/draft-nikander-hip-hiccups"; />.
Support for the extensions
- is very experimental and may not interoperate with other extensions in
HIPL. The data packet mode does not
- support sequence numbers, UDP encapsulation nor switching to ESP yet.
Next, we'll give an example how to try out the extension:
- </para>
-
- <para>
- Start HIP software as follows both at the client and server host:
- </para>
-
-<programlisting>
-# hipd -k
-# hipfw -Aid
-# hipconf datapacket on
-</programlisting>
-
- <para>
- Notice that the last command can be also configured to
@sysconfdir@/hipd_config
- </para>
-
- <para>
- Then execute at the client:
- </para>
-
-<programlisting>
-ping6 <HIT_OF_THE_SERVER>
-</programlisting>
-
- <para>
- Please do not take <HIT_OF_THE_SERVER> literally. You should replace
it with the
- actual HIT of the server.
- </para>
- </section>
- </section>
-
<section id="ch_shotgun">
<title>"Shotgun" Extension</title>
Other related posts:
- » [hipl-dev] [Branch ~hipl-core/hipl/opp-removal] Rev 5294: remove reference to opportunistic mode in manual - noreply
