[B.A.T.M.A.N.] dublicate HNAs / certificates

Stephan Enderlein (Freifunk Dresden) freifunk at ddmesh.de
Fri Dec 19 11:06:40 UTC 2008


Hi,

> I like brainstorming like this.
me too.

> We wanted batmand (and especially its core routing algorithm) to be decentral
> and simple. So no central point of control/failure and therefore also no HNA
> server.
Perhaps there is a different solution. What if everybody may broadcast their HNA
like batman is currently working and batmand get a list of router ip from which
HNA is accepted?
The bad-guy has normally no way to modify the firmware of other routers and can not
tell the batmand to accept its faulty HNA.
In this case batman can be updated requlary by cron-job and needs only check HNA against
it list.
A positiv and negativ list should be possible. Perhaps the list may contain network ranges.
(hcl = hna control list)

the firmware of the router may request the list from a server.
In case a non accepted hna is received, batmand may completely ignore the node, that is injecting
invalid HNA. When I understand you right, batmand currently ignores nodes completely that
are sending the same HNA?

/stephan

---------------------------------------
Dipl.Informatiker(FH) Stephan Enderlein
Freifunk Dresden





More information about the B.A.T.M.A.N mailing list