Question #200462 on HIPL changed: https://answers.launchpad.net/hipl/+question/200462 Status: Open => Answered Miika Komu proposed the following answer: > Because my applications using IPv4 addresses, I want to assing them own LSI > (not standart -- 1.0.0.1/2) and use them in my > applications. How can I do this? In HIPL, 1.0.0.1 is the local host. At the moment, you can't change this value from hipconf but rather modify the code (check the usage of HIP_LSI_PREFIX and grep -r for "1.0.0" string from the code). You can assign the remote host LSIs freely, assuming you use the 1.0.0.0/8 namespace. The remote LSIs are configure similarly as HITs. For instance, I have in /etc/hip/hosts: 2001:15:e156:8a78:3226:dbaa:f2ff:ed06 test 1.0.0.2 test and the following in /etc/hosts: 192.168.1.2 test The symbolic host name binds these mappings together. If I don't specify the LSI, hipd will just allocate the first free LSI for the remote host during the key exchange. Few notes: * You can "overload" all this information to /etc/hosts if you don't want to use /etc/hip/hosts at all. * You may have to restart hipd after changing the files > Also somewhere in the manual I read that LSI are available only on localhost. Is this true? Yes, each individual host is supposed to manage it's own LSIs. You can consider it as an "alias" to a HIT. (For research purposes, you could consider publishing LSIs in a local DNS using "split horizon" to keep the LSI information local to the network. However, hipd does not support this and this works only for static configurations where hosts do not move outside of the local network. Also, the LSIs are not inherently secure like HITs) > If so, how else can I customize the HIT-IP mapping, use the hipdnsproxy? For local (testing purposes), you can use: a) Combination of /etc/hip/hosts and /etc/hosts files (requires DNS proxy) b) Overload this in /etc/hosts (does not require DNS proxy) c) It is possible also to use /etc/hip/hipd_config but this is mainly suitable e.g. with registration to rendezvous servers. For global (production-like) environment you should set up your own DNS server and publish the public keys there (instructions in the manual). This requires support from the DNS proxy to translate public keys into HITs. You can test our DNS service by running dnsproxy and then typing e.g. "host crossroads.infrahip.net". You can get the full information with "dig -t any crossroads.infrahip.net". > Could you also comment on, what the command <hipconf daemon run normal|opp _app_> does? This is has been removed from the latest releases but it appears it is still mentioned in the manua (I'll remove)l. If you're interested in what this did, here are the details: http://www.niksula.cs.hut.fi/~mkomu/docs/ccnc09.pdf -- You received this question notification because you are a member of HIPL core team, which is an answer contact for HIPL.