Hi Felix,
Thank you for your always kind words.
DE-CIX uses this piece of code to encrypt:
https://github.com/de-cix/udp-dtls-wrapper . We could test it
inter-working against pmacct code, ie. at my end i can decrypt the IPFIX
templates they sent over.
As a small news this week i am
On Tue, 13 Oct 2020 06:16:59 +
Felix Stolba wrote:
> Out of curiosity I've been playing around with ncat, trying to
> encrypt a regular IPFIX stream and sending it to nfacctd_dtls_port.
FYI, FWIW. Other tools you might be interested in are socat and
stunnel. I've forgotten the details,
Paolo,
it's my pleasure, hope you're doing great also. Wonderful to see all the
progress pmacct has been making since we last met.
Thanks for confirming IPFIX/DTLS is a topic that's still ongoing. While the
immediate need for encrypted transport can be alleviated by utilizing IPSEC
tunnels
Hi Felix,
Monumental pleasure to read from you, hope all is well.
The feature was conceived in conjunction with the great DE-CIX folks,
you can see the announcement here:
https://twitter.com/thking/status/1292903640877932544 .
In the context of pmacct, yes, i have indeed on the roadmap to
Hi everyone,
so recently the config parameter nfacctd_dtls_port was introduced. By using
this, pmacct can consume flow data contained in a DTLS stream as specified in
RFC5153.
Having an integrated, secure transport for flow data is an intriguing idea. But
that poses the question, how can such