[hipl-users] Re: HIPL and Network Interface

  • From: Miika Komu <mkomu@xxxxxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Mon, 09 Mar 2015 11:24:47 +0200

Hi Lingyuan,

On 03/08/2015 02:26 AM, Lingyuan He wrote:

I am currently studying the implementation of hipd, about how it uses
network interfaces, for the purpose of a research on network handover
(interface switching) in my university.

I have been looking into the implementation, but without too much
progress on my own.

My questions,
- where in the code that the daemon handles outbound connection and
pack/send a packets? Or simply put, where is the socket connection to
the other node created?

1. hipd is started and sets up a security policy matching to HIT prefix
2. application sends data to a HIT (or LSI)
3. IPsec intercepts the packet, notices that IPsec keys do not exist
4. IPsec sends a message to userspace key exchange daemons
5. hipd receives the message in netdev_handle_acquire()

- does hipd uses the default network interface without any consideration
of multiple network interfaces?

by default, hipd uses the default route (i.e. source address) to send the message. You can use the experimental "shotgun" extension to trigger flooding of the I1 message through all source-destination address pairs. Hipd just selects the address pair that responses first.


Shotgun does not support yet mobility, just base exchange is supported. I can give more information if you're interesting in contributing.

The end-result I am pursuing is to modify the implementation (if needed)
to insert a preferred network interface for hipl to use, in case there
are several.

Any insights would be greatly appreciated, thanks a lot in advance.

Other related posts: