Hi,
On Dienstag 06 Januar 2009, Alexander Morlang wrote:
Axel Neumann schrieb:
We wanted batmand (and especially its core routing algorithm) to be decentral and simple. So no central point of control/failure and therefore also no HNA server. Of course there are many potential attack vectors in a community mesh and probably there will always be until you completely restrict the access. Therefore IMHO the preferable security to be solved should be:
- detect and protect against (usually accidental) misconfigurations like
duplicate addresses.
sure, a duplicate address is something the routingprotocoll has to detect and to react on, but: duplicate HNA are very importand and widely accepted in the internet community, they are called anycast and are a vital instrument in network design and deployment.
as an example, anycast ist used for dns root servers, 6to4 tunnel and many other usecases.
i am still not understanding why you are discussing about removing such important thing as anycast.
I think nobody wants to remove it. I wanted to point out that real anycast routing has never been supported by batman/bmx and that our features for HNA should NOT be confused with anycast routing. The problem is that the concept of anycast-routing does not easily fit into the batman routing algorithm which relies on a single-source of originator messages (OGMs) for any given destination.
I agree that the lack of anycast routing support is a problem and not a feature. Especially when talking about quagga/zebra like route exchange between different autonomous systems.
ciao, axel
anycast is a way to use distributed services, as you can announce an anycast address on every node, providing a specific service and packets will get routed to the nearest service provider.
- find mechanisms to limit the impact of denial of service or other
attacks to the local environment (neighborhood).
<removed>
Gruss, Alex _______________________________________________ B.A.T.M.A.N mailing list B.A.T.M.A.N@open-mesh.net https://list.open-mesh.net/mm/listinfo/b.a.t.m.a.n