[Babel-users] wireshark support for babelz, rtt, subtlvs, timestamps, tspc, hmac, and source specific tlvs

Denis Ovsienko denis at ovsienko.info
Tue Apr 7 08:40:52 UTC 2015

>Side note: A "feature" that I would like is the ability to only accept 
>authenticated default routes. Could that be done in a topology like 
>gw - routerA-withauth - routerB - routerC - routerD-wantsauth 

Unfortunately no, this is too much different from RFC 7298, in which authentication is a per-interface set of requirements. Based on each direct neighbour's ability to satisfy those requirements the neighbour's packets make (or don't make) it into the scope of the Babel protocol instance. The authentication layer does not spell smaller non-authentication data items of the packet like individual routes.

Also the diagram above would require a security model that manages to keep things safe with untrusted speakers in between (here you would need an advice from somebody experienced with the problem stated this way).

    Denis Ovsienko

More information about the Babel-users mailing list