[Babel-users] A happy babel user: re6st

[jp at nexedi.com]

Hi,

> > a- How can we prevent one babel participant to act against other
> > participants by providing wrong information to other participants ?
> > Imagine for example that a bad organization joins re6st + babel
> > network and starts capturing all routes in order to analyze traffic
> > or even block it.
> 
> Since you're already encrypting and authentifying all your traffic,

We authenticate each node mesh but we do not want to encrypt traffic (it is a configuration error). 

> Denis' work won't help you.  The best I can think of is to do some

What is Denis work ?

> filtering to drop any routes that don't make sense, but I'm not sure
> it will help you much.
> 
> BGP has the same problem, and SBGP, while promising, hasn't seen much
> deployment yet.
> 
> > b- How can we create a hierarchical addressing system ? The idea
> > here is to group participants dynamically and assign them a "big"
> > IPv6 address range.
> 
> Yep.  I've thought about it, and I don't see a good way to make
> automatic aggregation work in Babel -- the longest-prefix rule will
> cause Babel to ignore the aggregated routes.

Ulysse B. found some approaches based on IPv6 NATs and automated discovery of connected neighbours

> 
> > c- How can we implement more policies (ex. latency) ? 
> 
> We're working on it (Matthieu and I).  Current babeld head has some
> stability improvements which should in principle make it possible to
> have a stable network even when using latency as a cost measure.  As
> I told you last summer, I've come up with a cool way to measure
> latency without increasing the amount of traffic much, so now it's
> a simple matter of programming.

Great.

Regards,

JPS.

> 
> -- Juliusz
>