[Olsr-users] High-level questions about encryption on OLSR ad-hoc mesh

[L. Aaron Kaplan]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Mar 22, 2011, at 8:16 AM, Ben West wrote:

> Hi All,
> 
> In lieu of discussion about diminishing returns for enabling whatever limited encryption is supported for adhoc/mesh modes, I'm curious if anyone on the list has good experience using OpenVPN with OpenWRT meshes?


>  I'm curious about the prospect of just setting up VPN tunnels thru the unencrypted mesh as needed, but I would be wary of placing undue load on any embedded CPU, whether in the access point or in a downstream router.
> 



As you already mentioned, encrypting and decrypting all the traffic on small embedded devices can be quite CPU hungry.
OpenVPN is great, but it has one additional minor drawback: all traffic goes to userspace and back.

Last point: note that when you use tap devices in OpenVPN, then you essentially create one big layer 2 switch. You might or 
might not want this in an OLSR network, since OLSR then will believe that all those nodes are immediate neighbors. When in fact
they might be connected via a 50% packetloss link.

At funkfeuer.at we use OpenVPN a lot to connect "remote islands" (nodes which are not directly connected through Wi-Fi) via cable to the main uplink.
It works (but we had some occasional glitches in the past)

a.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)

iEYEARECAAYFAk2InecACgkQxEgyMttZ8Yx+lQCfYfchQ0DZIzinCZdiAO2rr4er
UZwAoIrS7UZ3qUNmM1Nos9kefbUCHxpo
=Bg7g
-----END PGP SIGNATURE-----