[Battlemesh] Host Identity Protocol, any experience?

Henning Rogge hrogge at gmail.com
Mon Nov 28 16:25:07 CET 2016


On Mon, Nov 28, 2016 at 4:06 PM, Dave Taht <dave.taht at gmail.com> wrote:

> On Mon, Nov 28, 2016 at 6:58 AM, Antonio Quartulli <a at unstable.cc> wrote:
> > On Mon, Nov 28, 2016 at 02:05:25PM +0100, Linus L├╝ssing wrote:
> >> Hi,
> >>
> >> Just read about this protocol a few days ago:
> >>
> >> https://www.cisco.com/c/en/us/about/press/internet-protocol-
> journal/back-issues/table-contents-43/121-host.html
> >> https://en.wikipedia.org/wiki/Host_Identity_Protocol
> >> https://tools.ietf.org/html/rfc7401
> >>
> >> Has anyone had the pleasure to play with it yet?
> >>
> >> Seems like it might be a necessity to support truely decentral,
> >> distributed, dynamic internet uplinks in a public mesh network?
> >>
> >> (otherwise, everytime a node with a direct uplink vanishes, TCP
> >> connections would break or would need some tunneling)
> >>
> >> The idea of HIP to strip the identity part from IP addresses and
> >> replacing it with a layer in between, which cryptographically
> >> generates identities, sounds ingenious!
>
> I used to use hip a lot, but at least until recently nat traversal had
> become a problem. It is widely embedded in some factory floor gear (as
> a pre-IOT concept). It does solve one problem really thoroughly -
> validating that your IP is really your IP.
>
> In the context of battlemesh it's potentially interesting, although a
> common mistake I made is offering a HIP route to the network, which
> would not work, I even reached the point to where I wanted to block
> that range out by default in all routing daemons.
>

Without servers supporting HIP directly you would be forced to go through
some "proxy provider"... which would reduce HIP to a simple VPN protocol.

Henning
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.ninux.org/pipermail/battlemesh/attachments/20161128/bff0e342/attachment-0001.html>


More information about the Battlemesh mailing list