On Mon, Oct 26, 2020 at 12:09 PM Petrenko, Vadim <vadim.petre...@ns.nl> wrote:
> Dear Qpid developers, > > Interior routers use their specific Routing protocol to exchange routing > information and discover each other. > Does this protocol use the regular AMQP as the underlying transport or is > it a separate protocol running on the same port (like Artemis that can > listen to CORE, AMQP, MQTT, etc. on the same port)? > The inter-router routing protocol runs over the same inter-router connection that carries the routed traffic. The protocol runs over AMQP, using AMQP encoding and is encrypted in the same way as all other inter-router traffic. > > While the documentation already states that: “Connections between the > interior routers are encrypted (with SSL/TLS)", I also wanted to double > check whether this encryption applies to the Routing protocol too? > Yes. It is very important that the routing protocol be secured with encryption and secure cryptographic authentication to prevent unauthorized "routers" from joining the network. > And to complete the question: Are there any other (technical) protocols on > the same port that are possibly not encrypted? > No. The encryption is applied at the connection level. All interactions that are multiplexed over those connections are encrypted. All of this assumes that the inter-router listeners are configured to require encryption. It is possible to configure them to run in-the-clear or with optional encryption. > Thanks! > > ________________________________ > > Deze e-mail, inclusief eventuele bijlagen, is uitsluitend bestemd voor > (gebruik door) de geadresseerde. De e-mail kan persoonlijke of > vertrouwelijke informatie bevatten. Openbaarmaking, vermenigvuldiging, > verspreiding en/of verstrekking van (de inhoud van) deze e-mail (en > eventuele bijlagen) aan derden is uitdrukkelijk niet toegestaan. Indien u > niet de bedoelde geadresseerde bent, wordt u vriendelijk verzocht degene > die de e-mail verzond hiervan direct op de hoogte te brengen en de e-mail > (en eventuele bijlagen) te vernietigen. > > Informatie vennootschap<http://www.ns.nl/emaildisclaimer> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@qpid.apache.org > For additional commands, e-mail: users-h...@qpid.apache.org > >
