Table of Contents
We will show in this section how to connect two hosts using HIP. We assume two machines called crash and oops that are in the same network. Crash is the one that starts a communication against oops.
Both machines are used through this whole document as examples even though you probably have your own naming and addressing conventions. It is possible to use IPv4 addresses as well as IPv6 addresses on-wire.
We will show how to test IPv4 and IPv6 applications. Meanwhile IPv6 applications use the HIT identifier, IPv4-only applications use the LSI identifier. This is an IPv4 address in the range 1.0.0.0/8. Firstly, we explain how to configure HIPL when we want to use IPv4 applications. Secondly, we introduce some tests with IPv6 applications. To finalize, we discuss the interoperability between IPv4 and IPv6 applications using HIP.
Initial configuration.
We have different mechanism for mapping the HIT-LSI information. We can choose whatever of the next possibilities. The user can introduce manually the LSI or this can be created automatically by the hip daemon. It should be noticed that the address interval between 1.0.0.1 - 1.0.0.4 is already in use by the hipd, so the user must choose a free LSI. These four LSIs are the local LSIs assigned with the four local HITs.
crash:
Add the information in /etc/hip/hosts
OOPS_HIT oops
OOPS_LSI oops Optional! If it's not defined, it would be created by the daemon
Add the information with tools/hipconf add map
hipconf add map OOPS_HIT OOPS_IP [OOPS_LSI]
If the command hipconf add map is not executed, we must add the peer IP in the file /etc/hosts
OOPS_IP oops
Apart from starting the hipd process, the hipfw process must be also started in both machines, oops and crash. Notice that hipfw must be started always after hipd!
cd somewhere/hipl
hipd/hipd # (to start as a background daemon process, add -b flag)
firewall/hipfw -l (to start the firewall with LSI support enabled)
Beforehand the following rules must be added in the file /etc/hip/firewall.conf
crash:
INPUT -src_hit OOPS_HIT ACCEPT
OUTPUT -dst_hit OOPS_HIT ACCEPT
oops:
INPUT -dst_hit OOPS_HIT ACCEPT
OUTPUT -src_hit OOPS_HIT ACCEPT
Running the application.
Once we have finished the step before and started running hipd and hipfw, we can run the application. If the LSI has been generated automatically, we can check its value with tools/hipconf get ha OOPS_HIT or tools/hipconf get ha all. Afterwards, we start running the application, e.g.:
ping OOPS_LSI
ssh OOPS_LSI
nc OOPS_LSI -u 5555 # oops must be running nc -l -u -p 5555