Hi, > > a- How can we prevent one babel participant to act against other > > participants by providing wrong information to other participants ? > > Imagine for example that a bad organization joins re6st + babel > > network and starts capturing all routes in order to analyze traffic > > or even block it. > > Since you're already encrypting and authentifying all your traffic,
We authenticate each node mesh but we do not want to encrypt traffic (it is a configuration error). > Denis' work won't help you. The best I can think of is to do some What is Denis work ? > filtering to drop any routes that don't make sense, but I'm not sure > it will help you much. > > BGP has the same problem, and SBGP, while promising, hasn't seen much > deployment yet. > > > b- How can we create a hierarchical addressing system ? The idea > > here is to group participants dynamically and assign them a "big" > > IPv6 address range. > > Yep. I've thought about it, and I don't see a good way to make > automatic aggregation work in Babel -- the longest-prefix rule will > cause Babel to ignore the aggregated routes. Ulysse B. found some approaches based on IPv6 NATs and automated discovery of connected neighbours > > > c- How can we implement more policies (ex. latency) ? > > We're working on it (Matthieu and I). Current babeld head has some > stability improvements which should in principle make it possible to > have a stable network even when using latency as a cost measure. As > I told you last summer, I've come up with a cool way to measure > latency without increasing the amount of traffic much, so now it's > a simple matter of programming. Great. Regards, JPS. > > -- Juliusz >
_______________________________________________ Babel-users mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/babel-users
