-
Notifications
You must be signed in to change notification settings - Fork 0
UDPSEC and nmea_sproxy
UDPSEC is AISMixer's authenticated encrypted UDP transport for station-to-mixer traffic. It is not a standardized external protocol; it is the secure UDP path implemented by AISMixer and nmea_sproxy.
nmea_sproxy is the station-side proxy. One nmea_sproxy process represents one relation:
one local UDP input -> one configured secure AISMixer destination
Run separate processes or systemd template instances when a station needs separate local UDP inputs or separate secure destinations.
The station authenticates to AISMixer with an ECDSA identity key. AISMixer authorizes stations from configured public keys, normally in authorized_keys.yaml. The station also verifies the AISMixer server key configured on the station side.
After handshake, AIS payloads are carried in authenticated AES-GCM encrypted packets. Liveness traffic also uses authenticated encrypted ping/pong messages. Those pings help keep NAT, CGNAT, and mobile-network UDP mappings active while giving the proxy a way to detect an unresponsive peer.
peer_timeout ends the current session when matching encrypted pongs stop arriving, and the proxy reconnects. session_refresh_interval can schedule periodic re-handshakes; the default 0 disables scheduled periodic refresh.
AISMixer may send NOSESSION when it receives traffic for a session it no longer has. NOSESSION is unauthenticated and is only a reconnect hint. The proxy treats it as a signal to end the local session and handshake again after reconnect delay.
UDPSEC does not make UDP reliable. Packet loss is still possible, and delivery of every AIS sentence is not guaranteed. A changed client source IP or source port requires a new handshake. Session migration between addresses is not implemented.
UDPSEC routing identity comes from the authenticated station identity:
udpsec:rPiAIS002
sec_inputs[].id is a listener or TAG alias input. It does not replace the authenticated UDPSEC routing identity.
The emitted NMEA TAG s value and the internal authenticated source_id are separate concepts. Routing uses source_id; TAG s is output metadata. See Routing Model and Security Model.
Station private keys must remain private and must not be copied to AISMixer. AISMixer stores authorized station public keys, not station private keys.
Configuration files and key files should have restrictive filesystem permissions appropriate for the local deployment. Never commit private keys or deployment-specific secrets into Git.
Use placeholders for documentation and examples, not real key material.
The detailed station-side guide lives in the main repository: