HIP - was Re: [CentOS] Centos 5.2, Firefox 3, and IPv6
rgm at htt-consult.com
Thu Aug 28 02:50:22 UTC 2008
Rob Townley wrote:
> On Wed, Aug 27, 2008 at 8:24 AM, Robert Moskowitz <rgm at htt-consult.com
> <mailto:rgm at htt-consult.com>> wrote:
> Um, as the original poster, I WANT IPv6. Not make IPv4 lookups
> faster by ignoring AAAA records.
> Further testing has IPv6 working just fine. Thing is when I
> enable the HIP API intercepts, FIrefox does not work. Like they
> are doing something 'non-standard' with the regualr TCP socket API
> so that HIP can't slide in there. I tried disabling a number of
> options, thinking it might be some security setting, but if it is,
> I have not found it.
> Yep, i fully understood you wanted IPv6. i just thought you might
> want to verify what settings you have for Firefox -- making sure
> Firefox has turned on IPv6 dns.
Default was on.
> Just curious, what is the motivation for the HIP api stuff, it is not
> there by default is it?
read the RFCs on HIP: 4423 and 5201-5206.
4423 provides the justification of HIP and its architecture. I created
HIP almost 10 years ago, shortly after (as IPsec co-chair) got the IPsec
RFCs out. HIP is much more than an alternative keying protocol for ESP
(compared to IKE). It directly addresses secure mobility. HIP **IS**
an important change to the TCP/IP architecture; this has been part of
its slow advancement. As such it has its own 'native' API:
I can go into more about HIP if you wish.
More information about the CentOS