[hipl-users] Re: HIPL - early testing

  • From: Miika Komu <miika@xxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Thu, 30 Mar 2006 19:11:55 +0300 (EEST)

On Thu, 30 Mar 2006, Fernando Moreira wrote:

> Hi all,
> I've just installed hipl but I have some doubts. I haven't understood
> how hipl works...
>
> Simply running hipd, it eventually died because there weren't any of the
> following files:
> hip_host_dsa_key_anon
> hip_host_dsa_key_pub
> hip_host_rsa_key_anon
> hip_host_rsa_key_pub
>
> Then, I used tools/hipconf to generate those files and ended up with 8
> files:
> hip_host_dsa_key_anon
> hip_host_dsa_key_pub
> hip_host_rsa_key_anon
> hip_host_rsa_key_pub
> hip_host_dsa_key_anon.pub
> hip_host_dsa_key_pub.pub
> hip_host_rsa_key_anon.pub
> hip_host_rsa_key_pub.pub

Yes, this is instructed also in the HOWTO. The specifications recommend
that a host should have two public and two anonymous host identifiers.

> By comparison with some other implementations, like HIP4BSD, I can see
> that some of the files correspond to the host's private and public key,
> but I don't understand the use of all the files.

The prefix of all keys is "hip_host". After that is the algo "dsa" or
"rsa". Then we have the privacy type of the HIT, either "public" (can be
e.g. published in dns) or "anon" (can be changed frequently). Now, after
this there can be a .pub suffix. If it is not present, it means the private
key. If it is present, it means the public key part of the private key.

> Some other questions:
> Will it be possible to ping the peer using its HIT?

Yes, if you do it either way:

1) hipconf add map HIT IP
   ping6 HIT
2) <configure /etc/hip/hosts and /etc/hosts to have HOSTNAME>
   ping6 HOSTNAME

> Will the base exchange be triggered by the first data packet exchanged?

Yes.

> In which interface can the HIP packets be captured - dummy0 or any
> physical interface?

In general, a physical interface.

> Should there be a HIT - IP mapping in the /etc/hip/hosts file? - Can
> you please send me an example of that file....

Yes, there should be, unless you use method 1 described above.

ritsa:# cat /etc/hip/hosts
11c9:dcbd:f4d5:ff98:5f82:8344:e1eb:bce2 panu

DNS AAAA support should also be working.

-- 
Miika Komu              miika@xxxxxx          http://www.iki.fi/miika/
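
The key-file naming scheme described in the reply above, turned into a small audit script. This is an added example, not part of the original message or of HIPL: the function names, the key directory passed to `audit`, and the rule that private key files should carry no group/other permission bits are assumptions made here.

```python
import os
import re
import stat
import tempfile

# Naming scheme from the reply: hip_host_<algo>_key_<type>[.pub]
KEY_NAME = re.compile(r"^hip_host_(dsa|rsa)_key_(anon|pub)(\.pub)?$")


def classify(filename):
    """Return (algo, hit_type, key_part) for a host key file name, else None."""
    m = KEY_NAME.match(filename)
    if not m:
        return None
    algo, hit_type, suffix = m.groups()
    return (algo,
            "public" if hit_type == "pub" else "anon",
            "public" if suffix else "private")   # no .pub suffix = private key


def expected_names():
    """The 8 file names listed in the thread."""
    return [f"hip_host_{a}_key_{t}{s}"
            for a in ("dsa", "rsa") for t in ("anon", "pub") for s in ("", ".pub")]


def audit(key_dir):
    """Return (missing, exposed): absent key files, and private key files
    with any group/other permission bit set (assumed policy, see lead-in)."""
    present = set(os.listdir(key_dir))
    missing = [n for n in expected_names() if n not in present]
    exposed = []
    for name in sorted(present):
        info = classify(name)
        if info and info[2] == "private":
            mode = stat.S_IMODE(os.stat(os.path.join(key_dir, name)).st_mode)
            if mode & 0o077:
                exposed.append(name)
    return missing, exposed


def demo():
    """Audit a constructed directory: one file missing, one private key 0644."""
    with tempfile.TemporaryDirectory() as d:
        for name in expected_names():
            if name == "hip_host_rsa_key_anon.pub":
                continue                          # constructed gap
            path = os.path.join(d, name)
            with open(path, "w") as f:
                f.write("constructed placeholder, not a real key\n")
            loose = name.endswith(".pub") or name == "hip_host_dsa_key_pub"
            os.chmod(path, 0o644 if loose else 0o600)
        return audit(d)
```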
