[Nfd-dev] AutoPrefixPropagator inside mini-NDN

Lan Wang (lanwang) lanwang at memphis.edu
Tue Feb 21 14:09:32 PST 2017 


> On Feb 21, 2017, at 4:04 PM, Nicholas Michael Gordon (nmgordon) <nmgordon at memphis.edu> wrote:
> 
> It's signed following Junxiao's instructions:
> 
> 1. Generate the key, here "/ndn/endhost"
> 2. Export that key as a certificate
> 3. Import that key into the hub router (router1)
> 4. Restart NFD on router1
> 
> So that hub router has the key in the keychain. I'm not sure if this
> circumvents the signature verification.
> 
> John,
> 
> I have lots of NFD logs, but I'm not very skilled at reading them. What
> I see is that the strategy shows this:
> 
> 1487713935.381784 DEBUG: [BestRouteStrategy2]
> /localhop/nfd/rib/register/h%19%07%0E%08%03ndn%08%07endhosti%01%00o%01Aj%01%0F/%00%00%01Zb%A9%20%05/%EA%1E%E1%2A%AFm%C8A/%166%1B%01%01%1C1%07%2F%08%03ndn%08%07endhost%08%03KEY%08%11ksk-1487713107245%08%07ID-CERT/%17%FD%01%00%05%19%B3%C68%DC%F8L%B5e%FC%E6%EF%9C%B5%14%B8%BF%CA%BC%FFM%3E%D7%C9z%2A%3BVz%8B%A5Q%81%CA%9Fsf%997%AFZ3%5D%FD%E1%2Aj%A6%A6%23%7Bj%A6R%E2F%82J%92%14%7B%92%BE%C6%902%40%AB%26%1C%83%07%01%12%A9%8Bn%07%F3Tl%0D%D6%98d%ED%A2F%0C%12%EBB-C%B0_%5B%86%B0%9D%3ED8%B47%83s%3C%0BMH%5E%FF%7C%13UtY%95%90%0F%CFm%F2%ECPm%CEj%2F%D8%94%07%C1%7D%28%DA%97%B1%A1%C5s%97%3A%C3%CE%91%29%EB%23A1l4X0Q%AD%05%0F%98e%B1qa%D0%A7Dh%B0%CD%FDw%C2%9E%09%FA%DD%F1%DF%D5%A5%C1%A8%3E%93%E8%11%85%BE%19rg6%DE%A6o%1B%C4E%C1%9F%E6H3N%60%1B%14Y%AE%BD%24%0F%82%0A9l%BC%B0%AF%19%EAzFJs%D6%2A%F0gM%D7%D6%A2%D6%FA%151%07%08G%EDUYPO%0F%12%E7%AFm%A3%9E%B8?ndn.InterestLifetime=10000&ndn.Nonce=763432487
> from=265 noNextHop
> 
> I see that the end there shows no nexthops. I don't fully understand
> this, because isn't that what the register command, which is from
> AutoPrefixPropagator, is doing? Saying that "on this Face, you can reach
> this prefix"? Do I have to do some other kind of configuration on router1?

You can’t depend on the prefix registration to set up the FIB entry for the key name.  You need the key to verify that prefix registration command.

On the other hand, looks like you are trying to store the key locally at the router (importing the key into the hub router?), so the router should be able to find the key and its certificate locally.  Something is not right if it can’t find the key locally.

Lan
> 
> -Nick
> 
> On 02/21/2017 03:49 PM, Lan Wang (lanwang) wrote:
>> Maybe a little more information would help.  What’s the name of the key
>> that signed the interest from the node to the hub?  Does the router have
>> the route in its FIB to retrieve that key?
>> 
>> Lan
>> 
>>> On Feb 21, 2017, at 1:03 PM, Nick Gordon <nmgordon at memphis.edu
>>> <mailto:nmgordon at memphis.edu>> wrote:
>>> 
>>> I'm developing an integration test to verify that Readvertise works in
>>> conjunction with AutoPrefixPropagator. However, I can't get
>>> AutoPrefixPropagator to work.
>>> 
>>> I've followed the step's on Junxiao's blog to the T, and I verify that
>>> the propagation target router is receiving the interest, but it is
>>> rejecting them. Why it is rejecting them, I don't know, because I have
>>> set both localhost and localhop security off (i.e. to "trust-anchor any").
>>> 
>>> Anyone have any suggestions about this?
>>> _______________________________________________
>>> Nfd-dev mailing list
>>> Nfd-dev at lists.cs.ucla.edu <mailto:Nfd-dev at lists.cs.ucla.edu>
>>> http://www.lists.cs.ucla.edu/mailman/listinfo/nfd-dev
>>

More information about the Nfd-dev mailing list