[babel] [Babel-users] Reworked implementation of Babel-over-DTLS

Antonin Décimo <antonin.decimo@gmail.com> Fri, 15 March 2019 13:56 UTC

From: Antonin Décimo <antonin.decimo@gmail.com>
Date: Fri, 15 Mar 2019 14:55:46 +0100
Message-ID: <CAC=54BKnmFudHr+LJRb86wzBMkKfZ1w2hQFeS4fszjN=BoYWTg@mail.gmail.com>
To: babel-users <babel-users@lists.alioth.debian.org>
Cc: Babel at IETF <babel@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/elM-BvLHAkBIUxJsCX65s4W-R3Q>

Hello lists,

I’ve finally managed to rework my implementation of Babel-over-DTLS
(spoiler: it seems to be working).  Thanks to Juliusz for the help.
You can get the code by doing

    git clone -b dtls2 https://github.com/MisterDA/babeld

The code requires the mbedTLS library (version 2.16) [1].

The code is still heavily instrumented (lots of printfs…).  While this
code is not carefully tested, it is meant to eventually implement the
protocol described in

    https://tools.ietf.org/html/draft-ietf-babel-dtls

Known issues:

  - no interoperability testing has been done yet;
  - we don’t timeout neighbours properly, which makes us vulnerable to
    delayed packets;
  - there is no user interface to provide certificates and keys, they
    are all hard-coded in the DTLS library.


It is unclear to me what the user interface to provide certificates and
private keys should look like, and whether we prefer CA certificates or
self-signed.  Perhaps the draft should be more specific about that.


You can test this code by saying something like:

    babeld -C 'interface eth0 unicast true dtls true'


The "unicast true" flag tells babeld to send all TLVs but Hello TLVs
over unicast, "dtls true" tells babeld to use DTLS on the selected
interface.  The "unicast" flag is required for Babel-over-DTLS to
operate as expected.  Use "dtls-protocol-port" to specify a port.  The
default port is hard-coded to 50000; a port number has been requested
from IANA.


[1]: https://tls.mbed.org/

--
Antonin Décimo
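As an added example, not part of Antonin's message or of the babeld code: a small POSIX shell/awk linter for a babeld `-C` configuration string that flags any interface configured with `dtls true` but without `unicast true` (the requirement stated above) and rejects malformed `dtls-protocol-port` values. It assumes one directive per line with key/value pairs following the interface name, and treats `dtls-protocol-port` as a standalone directive; both are assumptions, not documented babeld syntax.

```shell
# check_babeld_dtls CONFIG_TEXT
# Prints one finding per line and returns 1 if any problem was found,
# 0 if the configuration satisfies the Babel-over-DTLS invariants.
check_babeld_dtls() {
    printf '%s\n' "$1" | awk '
        # "interface <name> key value key value ..." (assumed layout)
        $1 == "interface" {
            name = $2; unicast = "false"; dtls = "false"
            for (i = 3; i < NF; i += 2) {
                if ($i == "unicast") unicast = $(i + 1)
                if ($i == "dtls")    dtls    = $(i + 1)
            }
            # DTLS only works when all non-Hello TLVs go over unicast.
            if (dtls == "true" && unicast != "true") {
                printf "interface %s: dtls true without unicast true\n", name
                bad = 1
            }
        }
        # "dtls-protocol-port <port>" (assumed standalone directive)
        $1 == "dtls-protocol-port" {
            if ($2 !~ /^[0-9]+$/ || $2 < 1 || $2 > 65535) {
                printf "dtls-protocol-port %s: not a valid port\n", $2
                bad = 1
            }
        }
        END { exit bad }
    '
}

# Constructed demo input: eth0 is correct, eth1 lacks "unicast true".
demo_config='interface eth0 unicast true dtls true
interface eth1 dtls true
dtls-protocol-port 50000'
check_babeld_dtls "$demo_config" || echo "config has problems (exit $?)"
```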