9 Jun
2019
9 Jun
'19
9:55 a.m.
Hi Martin,
On Sun, Jun 09, 2019 at 09:47:01PM +1200, Martin Buhr wrote:
Hi,
I love this project and have already set up a local mesh with a few
routers. My concern is that I want to be able to control who adds nodes to
the mesh, from what I can tell, just having a flashed router set up with
the correct Mesh ID adds it to the routing table, which is a worry if you
want a more controlled roll-out, i.e. how do you stop a malicious actor
adding a mesh router and just sniffing all the packets (assuming nobody
uses VPN or TLS of course, it's hypothetical)?
I tried to set up an encrypted mesh with 802.11s but the mesh netowrks
vanished after adding he packages and configuration change, I assume
because of the two-rdio issue described elsewhere. I was wondering if
something simpler, like a MAC whitelist or a node IP whitelist is possible
to simply make the network growth a bit more manageable?
We are using SAE with a pre-shared-key as well as BMX7 with signed
routing information to implement granular access control to our local
mesh and gateway here in Leipzig. Which issue are you refering to and
what do you mean by 'vanished'?
I understand this goes against the "Libre" principle, and may not be viable
with a distributed network, but given I do not have the netowrk skill to
figure this out on my lonesome I thought I'd ask.
Cheers,
Martin
_______________________________________________
lime-users mailing list
lime-users(a)lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-users