Initial configuration.
We have different mechanism for mapping the HIT-LSI information. We can choose whatever of the next possibilities. The user can introduce manually the LSI or this can be created automatically by the hip daemon. It should be noticed that the address interval between 1.0.0.1 - 1.0.0.4 is already in use by the hipd, so the user must choose a free LSI. These four LSIs are the local LSIs assigned with the four local HITs.
crash:
Add the information in /etc/hip/hosts
OOPS_HIT oops
OOPS_LSI oops Optional! If it's not defined, it would be created by the daemon
Add the information with tools/hipconf add map
hipconf add map OOPS_HIT OOPS_IP [OOPS_LSI]
If the command hipconf add map is not executed, we must add the peer IP in the file /etc/hosts
OOPS_IP oops
Apart from starting the hipd process, the hipfw process must be also started in both machines, oops and crash. Notice that hipfw must be started always after hipd!
cd somewhere/hipl
hipd/hipd # (to start as a background daemon process, add -b flag)
firewall/hipfw -lA (to start the firewall with LSI support enabled and allow HIP/ESP packets)
Beforehand the following rules must be added in the file /etc/hip/firewall.conf
crash:
INPUT -src_hit OOPS_HIT ACCEPT
OUTPUT -dst_hit OOPS_HIT ACCEPT
oops:
INPUT -dst_hit OOPS_HIT ACCEPT
OUTPUT -src_hit OOPS_HIT ACCEPT
Running the application.
Once we have finished the step before and started running hipd and hipfw, we can run the application. If the LSI has been generated automatically, we can check its value with tools/hipconf get ha OOPS_HIT or tools/hipconf get ha all. Afterwards, we start running the application, e.g.:
ping OOPS_LSI
ssh OOPS_LSI
nc OOPS_LSI -u 5555 # oops must be running nc -l -u 5555