[Olsr-users] Inquiry about secure plugin of OLSR

Henning Rogge (spam-protected)
Wed May 11 16:54:47 CEST 2011


On Wed May 11 2011 16:46:01 Zack Genesis wrote:
> I am currently ping to a direct neighbors...
> Like you say it seem to reject OLSRd packet... as in the OLSRd routing
> table it define the etx to that neighbor as INFINITE
> Although it's INFINITE, I'm still able to ping that neighbor IP
Yes... you could easily ping the neighbor even without running OLSRd at all, 
because its in ARP range. OLSRd cannot prevent this.

Keep in mind OLSRd does only setup IP forwarding routes, it does not forward 
the traffic itself.

> I was hoping to implement the secure in a way that under same SSID
> I would have 2 different secure network. That devices under network 1 do
> not communicate to devices under network 2... As they each have their own
> secure password...
> 
> Is there any ways to implement the secure plugin that allow me to do so???
You might be able to do this by setting up a blackhole route for the mesh 
network, so that all unicast packets without an explicit OLSRd routes are not 
send at all.

But this neither would prevent an 'attacker' from sending the packet anyways 
nor would it block multicast traffic from services like Zeroconf.

Henning Rogge

-- 
Diplom-Informatiker Henning Rogge , Fraunhofer-Institut für
Kommunikation, Informationsverarbeitung und Ergonomie FKIE
Kommunikationssysteme (KOM)
Neuenahrer Straße 20, 53343 Wachtberg, Germany
Telefon +49 228 9435-961,   Fax +49 228 9435 685
mailto:(spam-protected) http://www.fkie.fraunhofer.de
GPG: E1C6 0914 490B 3909 D944 F80D 4487 C67C 55EC CFE0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.olsr.org/pipermail/olsr-users/attachments/20110511/4bfc2fb2/attachment.sig>


More information about the Olsr-users mailing list