[Battlemesh] Host Identity Protocol, any experience?
hrogge at gmail.com
Mon Nov 28 16:25:07 CET 2016
On Mon, Nov 28, 2016 at 4:06 PM, Dave Taht <dave.taht at gmail.com> wrote:
> On Mon, Nov 28, 2016 at 6:58 AM, Antonio Quartulli <a at unstable.cc> wrote:
> > On Mon, Nov 28, 2016 at 02:05:25PM +0100, Linus Lüssing wrote:
> >> Hi,
> >> Just read about this protocol a few days ago:
> >> https://www.cisco.com/c/en/us/about/press/internet-protocol-
> >> https://en.wikipedia.org/wiki/Host_Identity_Protocol
> >> https://tools.ietf.org/html/rfc7401
> >> Has anyone had the pleasure to play with it yet?
> >> Seems like it might be a necessity to support truely decentral,
> >> distributed, dynamic internet uplinks in a public mesh network?
> >> (otherwise, everytime a node with a direct uplink vanishes, TCP
> >> connections would break or would need some tunneling)
> >> The idea of HIP to strip the identity part from IP addresses and
> >> replacing it with a layer in between, which cryptographically
> >> generates identities, sounds ingenious!
> I used to use hip a lot, but at least until recently nat traversal had
> become a problem. It is widely embedded in some factory floor gear (as
> a pre-IOT concept). It does solve one problem really thoroughly -
> validating that your IP is really your IP.
> In the context of battlemesh it's potentially interesting, although a
> common mistake I made is offering a HIP route to the network, which
> would not work, I even reached the point to where I wanted to block
> that range out by default in all routing daemons.
Without servers supporting HIP directly you would be forced to go through
some "proxy provider"... which would reduce HIP to a simple VPN protocol.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Battlemesh