SDP(3)                                                     SDP(3)

          sdp - secure datagram protocol

          bind -a #Espec /net
          /net/sdp/clone

          The sdp device provides the interface to the Secure Datagram
          Protocol (SDP).  SDP (un)compresses and (de-)encrypts pack-
          ets.  Spec is an integer from 0 to 15 identifying a stack.
          Each stack is independent of all others: the only informa-
          tion transfer between them is via programs that mount multi-
          ple stacks.  Normally a system uses only one stack.  However
          multiple stacks can be used for debugging new networks or
          implementing firewalls or proxy services.

          The top level directory contains a clone file, a log file,
          and subdirectories numbered from zero to the number of con-
          nections opened for this protocol.

          Opening the clone file reserves a connection.  The file
          descriptor returned from the open(2) will point to the con-
          trol file, ctl, of the newly allocated connection.  Reading
          ctl returns a text string representing the number of the
          connection.  Connections may be used either to listen for
          incoming calls or to initiate calls to other machines.

          A connection is controlled by writing text strings to the
          associated ctl file.  After a connection has been estab-
          lished data may be read from and written to data.  A connec-
          tion can be actively established using the connect message
          (see also dial(2)). A connection can be established pas-
          sively by first using an announce message (see dial(2)) to
          bind to a local port and then opening the listen file (see
          dial(2)) to receive incoming calls.

          The following control messages are supported:


          accept file       Accept an incoming encrypted connection on
                            file, typically a data file.

          dial file         Initiate a new encrypted connection on
                            file, typically a UDP data file.

          drop permil       Randomly drop approximately one of every
                            permil output packets, thus simulating
                            network errors.

          cipher algorithm  Use ciphering algorithm; choices are
                            `null', `des_56_cbc', `rc4_128', and

          auth algorithm    Use authentication algorithm; choices are
                            `null', `hmac_sha1_96', and `hmac_md5_96'.

          comp algorithm    Use compression algorithm; choices are
                            `null' and `thwack'.

          insecret secret   Use secret to decrypt incoming packets.

          outsecret secret  Use secret to encrypt outgoing packets.
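
          The control messages above can be checked before a program
          writes them to a ctl file. This is an added example, not
          part of the original manual or of the Plan 9 source; lint,
          SAMPLE and the severity labels are names assumed here, and
          the `weak' findings rest on general facts (a null algorithm
          does nothing, DES has a 56-bit key), not on this page.

```python
# Algorithm names as listed on this page. The page's cipher list is cut off
# after rc4_128, so an unlisted name is reported as "not listed", not rejected.
ALGS = {
    "cipher": {"null", "des_56_cbc", "rc4_128"},
    "auth": {"null", "hmac_sha1_96", "hmac_md5_96"},
    "comp": {"null", "thwack"},
}
VERBS = {"accept", "dial", "drop", "insecret", "outsecret", *ALGS}

# Constructed sample: messages a program might write to a connection's ctl file.
SAMPLE = "cipher des_56_cbc\nauth null\ncomp thwack\ndrop 20\noutsecret\n"


def lint(script):
    """Return (line, severity, message) findings for newline-separated ctl messages."""
    findings, seen = [], set()
    for n, line in enumerate(script.splitlines(), 1):
        verb, arg = (line.split(None, 1) + ["", ""])[:2]
        arg = arg.strip()
        if not verb:
            continue  # blank line
        seen.add(verb)
        # Secrets are never echoed into a finding; only verbs and algorithm names are.
        if verb not in VERBS:
            findings.append((n, "error", f"unknown message {verb!r}"))
        elif not arg:
            findings.append((n, "error", f"{verb} needs an argument"))
        elif verb in ALGS and arg not in ALGS[verb]:
            findings.append((n, "warn", f"{verb} {arg!r} is not listed on the page"))
        elif verb in ("cipher", "auth") and arg == "null":
            findings.append((n, "weak", f"{verb} null gives no protection"))
        elif verb == "cipher" and arg == "des_56_cbc":
            findings.append((n, "weak", "des_56_cbc uses a 56-bit key"))
        elif verb == "drop" and not arg.isdigit():
            findings.append((n, "error", "drop takes an integer permil"))
        elif verb == "drop" and int(arg) > 0:
            findings.append((n, "warn", "drop discards output packets on purpose"))
    # Line 0 marks findings about the script as a whole.
    for verb in ("cipher", "auth"):
        if verb not in seen:
            findings.append((0, "warn", f"{verb} is never set explicitly"))
    return findings


if __name__ == "__main__":
    for n, severity, message in lint(SAMPLE):
        print(f"ctl line {n}: {severity}: {message}")
```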

          dial(2), ip(3)
          Robust Data Compression of Network Packets, Sean Dorward and
          Sean Quinlan, Bell Labs, Lucent Technologies,


     Page 2                       Plan 9             (printed 7/23/24)