… | |
… | |
72 | floods due to protocol problems (like a rsa key file mismatch between two |
72 | floods due to protocol problems (like a rsa key file mismatch between two |
73 | hosts). |
73 | hosts). |
74 | |
74 | |
75 | =head2 Routing and Protocol translation |
75 | =head2 Routing and Protocol translation |
76 | |
76 | |
77 | ... not yet written, please bug me ... |
77 | The vpe routing algorithm is easy: there isn't any routing. Vped always |
|
|
78 | tries to establish direct connections, if the protocol abilities of the |
|
|
79 | two hosts allow it. |
78 | |
80 | |
|
|
81 | If the two hosts should be able to reach each other (common protocol, ip |
|
|
82 | and port all known), but cannot (network down), then there will be no |
|
|
83 | connection, point. |
|
|
84 | |
|
|
85 | A host can usually declare itself unreachable directly by setting it's |
|
|
86 | port number(s) to zero. It can declare other hosts as unreachable by using |
|
|
87 | a config-file that disables all protocols for these other hosts. |
|
|
88 | |
|
|
89 | If two hosts cannot connect to each other because their IP address(es) |
|
|
90 | are not known (such as dialup hosts), one side will send a connection |
|
|
91 | request to a router (routers must be configured to act as routers!), which |
|
|
92 | will send both the originating and the destination host a connection info |
|
|
93 | request with protocol information and IP address of the other host (if |
|
|
94 | known). Both hosts will then try to establish a connection to the other |
|
|
95 | peer, which is usually possible even when both hosts are behind a NAT |
|
|
96 | gateway. |
|
|
97 | |
|
|
98 | If the hosts cannot reach each other because they have no common protocol, |
|
|
99 | the originator instead use the router with highest priority and matching |
|
|
100 | protocol as peer. Since the SRCDST field is not encrypted, the router host |
|
|
101 | can just forward the packet to the destination host. Since each host uses |
|
|
102 | it's own private key, the router will not be able to decrypt or encrypt |
|
|
103 | packets, it will just act as a simple router and protocol translator. |
|
|
104 | |
|
|
105 | When no router is connected, the host will aggressively try to connect to |
|
|
106 | all routers, and if a router is asked for an unconnected host it will try |
|
|
107 | to ask another router to establish the connection. |
|
|
108 | |
|
|
109 | ... more not yet written about the details of the routing, please bug me |
|
|
110 | ... |
|
|
111 | |
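Review bot: the paragraph at new lines 98-103 states that the SRCDST field is not encrypted and that the router cannot decrypt or encrypt packets, but it does not say whether SRCDST is integrity-protected or what a forwarding router can still observe (which hosts talk to each other, and how much). Please add a sentence on both, so readers can judge how much trust a router and protocol translator needs. The same applies to new lines 89-96: say whether the connection info request a router sends to both hosts is authenticated, since the hosts act on the IP address it carries. The parenthetical "(routers must be configured to act as routers!)" should name the configuration setting it refers to. Wording nits: "it's" should be "its" at new lines 85 and 102, "the originator instead use" should be "uses", "connection, point." reads better as "connection, period.", and "vpe" / "Vped" at new line 77 should use one consistent name and capitalisation.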