hipl development package
Hello,
are there development packages for hipl? For an introduction with HIPL, I write a simple hello world application. I can not find any where the functions of Native HIP API, for example from the article http://
Thanks,
Kirill
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- HIPL Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Kirill Yudenok
- Solved:
- Last query:
- Last reply:
Revision history for this message
|
#1 |
The API to use is the normal socket API. You will need the HIP programs installed to connect to HIP addresses (HITs)
Revision history for this message
|
#2 |
Ok, thanks,
I know that may use normal socket API, I wanted to try the Native API and the PF_HIP family. Сan I connect to a web host, for example "crossroads.
Thanks,
Kirill
Revision history for this message
|
#3 |
We do not support the native API anymore (you can find it from earlier unsupported releases). HIP can be supported in legacy applications as follows:
http://
The trunk also supports experimental application-layer library (albeit mobility support has not been merged yet from a branch):
Revision history for this message
|
#4 |
Thanks Mikka,
i want to add HIP support to third-party software, first of all i trying to write a simple client to communicate with hipd. Do I understand correctly that I need to use normal socket API to work with hipd or some other scenario to add this support?
Thanks,
Kirill
Revision history for this message
|
#5 |
Yes, you have to use normal Sockets API and you have to implement your own logic if you want to make your application aware of HIP. The core issue is how you design the bindings with HIT-IP mappings:
1. Locally at the host (e.g. hosts files or hipd configuration file)
2. You implement your own application-
3. You use the tools provided by HIPL
4. You can experiment with the HIP stand-alone library (experimental, unstandardized)
I recommend the third option as a starting point and for this HIPL offers two kinds of functionality:
a) Forward DNS resolution (hostname -> HIT+IP) using the DNS proxy (*) that works with legacy applications
b) Reverse DNS resolution (HIT -> IP)
The first option works with vanilla bind, that is, you can set up your own HI records in DNS. The second option requires a patch to bind and it is not really needed in all scenarios. Please refer to chapter five for the details.
(*) DNS proxy has a bug on the latest Ubuntu LTS that we're working on to solve
Revision history for this message
|
#6 |
Thanks Miika Komu, that solved my question.
Revision history for this message
|
#7 |
Thanks Miika for a detailed explanation, if I have some problem, I will write.
Please check: Libhipl sample program. For a libhipl usage example, refer to the check_libhipl program in the test directory.
> I didn't find this test in 1.0.7 HIPL verion.
With pleasure,
Kirill Yudenok
Revision history for this message
|
#8 |
The manual is created from the trunk in the version control (i.e. nightly tarball). The check_libhipl software is not yet available in a release.
Revision history for this message
|
#9 |
Hello, Miika,
I have a problem with HIT->IP mapping. I installed two VMs, for example host and server (Ubuntu 10.04), configured HIPL using HIPL tools and tested connection by ping6 <HIT_server> <IP_server>. Connection is successfully established. When I am trying to setup HIT-IP mapping with my IPv4 client/server, using documentation chapter (http://
Because my applications using IPv4 addresses, I want to assing them own LSI (not standart -- 1.0.0.1/2) and use them in my applications. How can I do this?
Also somewhere in the manual I read that LSI are available only on localhost. Is this true? If so, how else can I customize the HIT-IP mapping, use the hipdnsproxy?
Could you also comment on, what the command <hipconf daemon run normal|opp _app_> does?
Thanks,
Kirill
Revision history for this message
|
#10 |
And also I have following error in hipd debug mode: error(hipd/
May be that's I can not assign LSI to host?
Thanks,
Kirill.
Revision history for this message
|
#11 |
> Because my applications using IPv4 addresses, I want to assing them own LSI (not standart -- 1.0.0.1/2) and use them in my
> applications. How can I do this?
In HIPL, 1.0.0.1 is the local host. At the moment, you can't change this value from hipconf but rather modify the code (check the usage of HIP_LSI_PREFIX and grep -r for "1.0.0" string from the code).
You can assign the remote host LSIs freely, assuming you use the 1.0.0.0/8 namespace. The remote LSIs are configure similarly as HITs. For instance, I have in /etc/hip/hosts:
2001:15:
1.0.0.2 test
and the following in /etc/hosts:
192.168.1.2 test
The symbolic host name binds these mappings together. If I don't specify the LSI, hipd will just allocate the first free LSI for the remote host during the key exchange.
Few notes:
* You can "overload" all this information to /etc/hosts if you don't want to use /etc/hip/hosts at all.
* You may have to restart hipd after changing the files
> Also somewhere in the manual I read that LSI are available only on localhost. Is this true?
Yes, each individual host is supposed to manage it's own LSIs. You can consider it as an "alias" to a HIT.
(For research purposes, you could consider publishing LSIs in a local DNS using "split horizon" to keep the LSI information local to the network. However, hipd does not support this and this works only for static configurations where hosts do not move outside of the local network. Also, the LSIs are not inherently secure like HITs)
> If so, how else can I customize the HIT-IP mapping, use the hipdnsproxy?
For local (testing purposes), you can use:
a) Combination of /etc/hip/hosts and /etc/hosts files (requires DNS proxy)
b) Overload this in /etc/hosts (does not require DNS proxy)
c) It is possible also to use /etc/hip/
For global (production-like) environment you should set up your own DNS server and publish the public keys there (instructions in the manual). This requires support from the DNS proxy to translate public keys into HITs. You can test our DNS service by running dnsproxy and then typing e.g. "host crossroads.
> Could you also comment on, what the command <hipconf daemon run normal|opp _app_> does?
This is has been removed from the latest releases but it appears it is still mentioned in the manua (I'll remove)l. If you're interested in what this did, here are the details:
Revision history for this message
|
#12 |
Thanks Miika for detailed answer.
I configured some kind of HIP-IP mapping and now client/server programs communicate together using LSI addresses. I had problems with /etc/hosts mapping and then setup map with <hipconf set map>. There are some doubts about this mapping, but now сlient ping server LSI and communicate with him using it.
Next step I want to develop own HIP client, that communicates with IPv4 server. What recommendations you may give and what HIP API to use? Something like libhipl extension or is there a higher level API?
Thanks,
Kirill.
Revision history for this message
|
#13 |
> I had problems with /etc/hosts mapping and then setup map with <hipconf set map>
Please describe the problem?
> What recommendations you may give and what HIP API to use?
Officially, is should recommend for RFC 6317 but HIPL does not support this anymore, and I can't really suggest older releases.
> Something like libhipl extension or is there a higher level API?
libhipl is not only an API but also a somewhat different protocol (Application Identity Protocol, if you will).
You can define you're own API, depending on your needs:
* look up of HIP based names (you can define your own DNS replacements, if you will)
* checking of HIP-based connectivity (please see the RFC)
You can send me information about your requirements specification to here, the mailing list or privately.
Revision history for this message
|
#14 |
Hello Miika,
sorry for the long answer.
> I had problems with /etc/hosts mapping and then setup map with <hipconf set map>
> Please describe the problem?
May be it wasn't the problem, but sometimes hipd can't allocate me pointed LSI in /etc/hosts, may be i miss anything. I simply add map to HIP client and run hipfw with hipd and it allocated me automatical LSI.
> Officially, is should recommend for RFC 6317 but HIPL does not support this anymore, and I can't really suggest older releases.
Ok, thanks.
>libhipl is not only an API but also a somewhat different protocol (Application Identity Protocol, if you will).
>You can define you're own API, depending on your needs:
>* look up of HIP based names (you can define your own DNS replacements, if you will)
>* checking of HIP-based connectivity (please see the RFC)
>You can send me information about your requirements specification to here, the mailing list or privately.
Thank you. Now I am busy with the other not less important task and slightly pushed creation of HIP agent, but in the future will come back to it and describe more specific requirements on the basis of already developed solutions.
Merry Christmas!
With best regards,
Kirill Yudenok