[Babel-users] althea presentation on isp in a box at nanog 76
Toke Høiland-Jørgensen
toke at toke.dk
Fri Jun 21 20:17:08 BST 2019
Justin Kilpatrick <justin at altheamesh.com> writes:
>> Hmm... does HMAC alleviate the need for the bottom layer?
>>
>> https://tools.ietf.org/html/draft-ietf-babel-hmac
>>
>> (It's implemented, but not merged yet -- I've got two students working on
>> making it mergeable.)
>
> HMAC would resolve the need for the bottom layer. There are advantages to being able to share keys between the layers though. Not sure I would want to give up on Wireguard especially since we're so dependent on it for performance. All this encryption on little passively cooled processors is a real challenge.
>
>> It's also only designed to work with link-local addresses, I'm not sure
>> how much work it would be to get it work over global addresses.
>
> Link local is fine. The big kicker for Wireguard is uniqueness.
There have been some discussion of adding multicast support in
Wireguard. Never went anywhere (yet), though; but I don't think Jason
has ruled it out...
-Toke
More information about the Babel-users
mailing list