24 files changed, 602 insertions, 394 deletions

diff --git a/src/tools/CMakeLists.txt b/src/tools/CMakeLists.txt
index 7c40d9ae..3cec8172 100644
--- a/src/tools/CMakeLists.txt
+++ b/src/tools/CMakeLists.txt
@@ -1,9 +1,71 @@
-add_subdirectory(irm)
-add_subdirectory(ocbr)
-add_subdirectory(oecho)
-add_subdirectory(obc)
-add_subdirectory(oping)
-add_subdirectory(operf)
-if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
-  add_subdirectory(ovpn)
-endif ()
+# Tools build configuration
+
+set(TOOLS_INCLUDE_DIRS
+  ${CMAKE_CURRENT_SOURCE_DIR}
+  ${CMAKE_SOURCE_DIR}/include
+  ${CMAKE_BINARY_DIR}/include
+)
+
+set(IRM_SOURCES
+  irm/irm.c
+  irm/irm_bind_program.c
+  irm/irm_bind_process.c
+  irm/irm_bind_ipcp.c
+  irm/irm_ipcp_create.c
+  irm/irm_ipcp_destroy.c
+  irm/irm_ipcp_bootstrap.c
+  irm/irm_ipcp_enroll.c
+  irm/irm_ipcp_list.c
+  irm/irm_ipcp_connect.c
+  irm/irm_ipcp_disconnect.c
+  irm/irm_unbind_program.c
+  irm/irm_unbind_process.c
+  irm/irm_unbind_ipcp.c
+  irm/irm_unbind.c
+  irm/irm_bind.c
+  irm/irm_ipcp.c
+  irm/irm_name.c
+  irm/irm_name_create.c
+  irm/irm_name_destroy.c
+  irm/irm_name_reg.c
+  irm/irm_name_unreg.c
+  irm/irm_name_list.c
+  irm/irm_utils.c
+)
+
+add_executable(irm ${IRM_SOURCES})
+target_include_directories(irm PRIVATE ${TOOLS_INCLUDE_DIRS})
+target_link_libraries(irm PRIVATE ouroboros-irm)
+install(TARGETS irm RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR})
+
+add_executable(oping oping/oping.c)
+target_include_directories(oping PRIVATE ${TOOLS_INCLUDE_DIRS})
+target_link_libraries(oping PRIVATE ${LIBM_LIBRARIES} ouroboros-dev)
+install(TARGETS oping RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+add_executable(oecho oecho/oecho.c)
+target_include_directories(oecho PRIVATE ${TOOLS_INCLUDE_DIRS})
+target_link_libraries(oecho PRIVATE ouroboros-dev)
+install(TARGETS oecho RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+add_executable(ocbr ocbr/ocbr.c)
+target_include_directories(ocbr PRIVATE ${TOOLS_INCLUDE_DIRS})
+target_link_libraries(ocbr PRIVATE ouroboros-dev)
+install(TARGETS ocbr RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+add_executable(obc obc/obc.c)
+target_include_directories(obc PRIVATE ${TOOLS_INCLUDE_DIRS})
+target_link_libraries(obc PRIVATE ouroboros-dev)
+install(TARGETS obc RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+add_executable(operf operf/operf.c)
+target_include_directories(operf PRIVATE ${TOOLS_INCLUDE_DIRS})
+target_link_libraries(operf PRIVATE ouroboros-dev)
+install(TARGETS operf RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  add_executable(ovpn ovpn/ovpn.c)
+  target_include_directories(ovpn PRIVATE ${TOOLS_INCLUDE_DIRS})
+  target_link_libraries(ovpn PRIVATE ouroboros-dev)
+  install(TARGETS ovpn RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+endif()
diff --git a/src/tools/irm/CMakeLists.txt b/src/tools/irm/CMakeLists.txt
deleted file mode 100644
index e5e5c466..00000000
--- a/src/tools/irm/CMakeLists.txt
+++ /dev/null
@@ -1,39 +0,0 @@
-include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-
-include_directories(${CMAKE_SOURCE_DIR}/include)
-include_directories(${CMAKE_BINARY_DIR}/include)
-
-set(SOURCE_FILES
-  # Add source files here
-  irm.c
-  irm_bind_program.c
-  irm_bind_process.c
-  irm_bind_ipcp.c
-  irm_ipcp_create.c
-  irm_ipcp_destroy.c
-  irm_ipcp_bootstrap.c
-  irm_ipcp_enroll.c
-  irm_ipcp_list.c
-  irm_ipcp_connect.c
-  irm_ipcp_disconnect.c
-  irm_unbind_program.c
-  irm_unbind_process.c
-  irm_unbind_ipcp.c
-  irm_unbind.c
-  irm_bind.c
-  irm_ipcp.c
-  irm_name.c
-  irm_name_create.c
-  irm_name_destroy.c
-  irm_name_reg.c
-  irm_name_unreg.c
-  irm_name_list.c
-  irm_utils.c
-  )
-
-add_executable(irm ${SOURCE_FILES})
-
-target_link_libraries(irm LINK_PUBLIC ouroboros-irm)
-
-install(TARGETS irm RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR})
diff --git a/src/tools/irm/irm_ipcp_bootstrap.c b/src/tools/irm/irm_ipcp_bootstrap.c
index b8e5c54d..3fabc3cc 100644
--- a/src/tools/irm/irm_ipcp_bootstrap.c
+++ b/src/tools/irm/irm_ipcp_bootstrap.c
@@ -46,90 +46,131 @@
 #include <stdlib.h>
 #include <string.h>
 #include <arpa/inet.h>
+#include <netinet/in.h>
 #ifdef __FreeBSD__
 #include <sys/socket.h>
 #endif
 
-#define UNICAST                "unicast"
-#define BROADCAST              "broadcast"
-#define UDP                    "udp"
-#define ETH_LLC                "eth-llc"
-#define ETH_DIX                "eth-dix"
-#define LOCAL                  "local"
-
-#define MD5                    "MD5"
-#define SHA3_224               "SHA3_224"
-#define SHA3_256               "SHA3_256"
-#define SHA3_384               "SHA3_384"
-#define SHA3_512               "SHA3_512"
-
-#define DEFAULT_ADDR_SIZE      4
-#define DEFAULT_EID_SIZE       8
-#define DEFAULT_DDNS           0
-#define DEFAULT_TTL            60
-#define DEFAULT_ADDR_AUTH      ADDR_AUTH_FLAT_RANDOM
-#define DEFAULT_ROUTING        ROUTING_LINK_STATE
-#define DEFAULT_CONG_AVOID     CA_MB_ECN
-#define DEFAULT_HASH_ALGO      DIR_HASH_SHA3_256
-#define DEFAULT_ETHERTYPE      0xA000
-#define DEFAULT_UDP_PORT       0x0D6B /* 3435 */
-
-#define FLAT_RANDOM_ADDR_AUTH  "flat"
-#define LINK_STATE_ROUTING     "link_state"
-#define LINK_STATE_LFA_ROUTING "lfa"
-#define LINK_STATE_ECM_ROUTING "ecmp"
-#define NONE_CA                "none"
-#define MB_ECN_CA              "mb-ecn"
+#define UNICAST        "unicast"
+#define BROADCAST      "broadcast"
+#define IP_UDP4        "udp4"
+#define IP_UDP6        "udp6"
+#define ETH_LLC        "eth-llc"
+#define ETH_DIX        "eth-dix"
+#define LOCAL          "local"
+
+#define MD5            "MD5"
+#define SHA3_224       "SHA3_224"
+#define SHA3_256       "SHA3_256"
+#define SHA3_384       "SHA3_384"
+#define SHA3_512       "SHA3_512"
+
+#define FLAT_RANDOM    "flat"
+#define DHT_DIR        "DHT"
+#define LINK_STATE     "link_state"
+#define LINK_STATE_LFA "lfa"
+#define LINK_STATE_ECM "ecmp"
+#define NONE_CA        "none"
+#define MB_ECN_CA      "mb-ecn"
+
+#define DT(x)  default_dt_config.x
+#define DHT(x) default_dht_config.params.x
+#define UNI(x) default_uni_config.x
+#define DIX(x) eth_dix_default_conf.eth.x
+#define LLC(x) eth_llc_default_conf.eth.x
+#define UD4(x) udp4_default_conf.udp4.x
+#define UD6(x) udp6_default_conf.udp6.x
+
+static char * usage_str = \
+        "Usage: irm ipcp bootstrap\n"
+        "           name <ipcp name>\n"
+        "           layer <layer name>\n"
+        "           [type [TYPE]]\n"
+        "where TYPE in {" UNICAST " " BROADCAST " " LOCAL " "
+        IP_UDP4 " " IP_UDP6 " " ETH_LLC " " ETH_DIX "},\n\n"
+        "if TYPE == " UNICAST "\n"
+        "        [addr_auth <ADDRESS_POLICY> (default: %s)]\n"
+        "        [directory <DIRECTORY_POLICY> (default: %s)]\n"
+        "        [hash [ALGORITHM] (default: %s)]\n"
+        "        [routing <ROUTING_POLICY> (default: %s)]\n"
+        "        [congestion <CONG_POLICY> (default: %s)]\n"
+        "        [autobind]\n\n"
+        "where ADDRESS_POLICY in {" FLAT_RANDOM "}\n"
+        "    DIRECTORY_POLICY in {" DHT_DIR "}\n"
+        "    ALGORITHM in {" SHA3_224 " " SHA3_256 " "
+        SHA3_384 " " SHA3_512 "}\n"
+        "    ROUTING_POLICY in {" LINK_STATE " "
+        LINK_STATE_LFA " " LINK_STATE_ECM "}\n"
+        "    CONG_POLICY in {" NONE_CA " " MB_ECN_CA "}\n"
+        "    [Data Transfer Constants]\n"
+        "        [addr <address size> (default: %d)]\n"
+        "        [eid <eid size> (default: %d)]\n"
+        "        [ttl <max time-to-live>, default: %d)]\n\n"
+        "if DIRECTORY_POLICY == " DHT_DIR "\n"
+        "        [dht_alpha <search factor> (default: %u)]\n"
+        "        [dht_k <replication factor> (default: %u)]\n"
+        "        [dht_t_expire <expiration (s)> (default: %u)]\n"
+        "        [dht_t_refresh <contact refresh (s)> (default: %u)]\n"
+        "        [dht_t_replicate <replication (s)> (default: %u)]\n\n"
+        "if ROUTING_POLICY == " LINK_STATE "\n"
+        "        [ls_t_recalc <pff recalc interval (s)> (default: %ld)]\n"
+        "        [ls_t_update <LSA update interval (s)> (default: %ld)]\n"
+        "        [ls_t_timeo  <link timeout (s)> (default: %ld)]\n\n"
+        "if TYPE == " IP_UDP4 "\n"
+        "        ip <IP address in dotted notation>\n"
+        "        [port <UDP port> (default: %d)]\n"
+        "        [dns <DDNS IPv4 address in dotted notation>"
+        " (default: none)]\n\n"
+        "if TYPE == " IP_UDP6 "\n"
+        "        ip <IPv6 address>\n"
+        "        [port <UDP port> (default: %d)]\n"
+        "        [dns <DDNS IPv6 address>"
+        " (default: none)]\n\n"
+
+        "if TYPE == " ETH_LLC "\n"
+        "        dev <interface name>\n"
+        "        [hash [ALGORITHM] (default: %s)]\n"
+        "where ALGORITHM in {" SHA3_224 " " SHA3_256 " "
+        SHA3_384 " " SHA3_512 "}\n\n"
+        "if TYPE == " ETH_DIX "\n"
+        "        dev <interface name>\n"
+        "        [ethertype <ethertype> (default: 0x%4X)]\n"
+        "        [hash [ALGORITHM] (default: %s)]\n"
+        "where ALGORITHM in {" SHA3_224 " " SHA3_256 " "
+        SHA3_384 " " SHA3_512 "}\n\n"
+        "if TYPE == " LOCAL "\n"
+        "        [hash [ALGORITHM] (default: %s)]\n"
+        "where ALGORITHM in {" SHA3_224 " " SHA3_256 " "
+        SHA3_384 " " SHA3_512 "}\n\n"
+        "if TYPE == " BROADCAST "\n"
+        "        [autobind]\n\n";
 
 static void usage(void)
 {
         /* FIXME: Add ipcp_config stuff. */
-        printf("Usage: irm ipcp bootstrap\n"
-               "                name <ipcp name>\n"
-               "                layer <layer name>\n"
-               "                [type [TYPE]]\n"
-               "where TYPE in {" UNICAST " " BROADCAST " " LOCAL " "
-               UDP " " ETH_LLC " " ETH_DIX "},\n\n"
-               "if TYPE == " UNICAST "\n"
-               "                [addr <address size> (default: %d)]\n"
-               "                [eid <eid size> (default: %d)]\n"
-               "                [ttl (max time-to-live value, default: %d)]\n"
-               "                [addr_auth <ADDRESS_POLICY> (default: %s)]\n"
-               "                [routing <ROUTING_POLICY> (default: %s)]\n"
-               "                [congestion <CONG_POLICY> (default: %s)]\n"
-               "                [hash [ALGORITHM] (default: %s)]\n"
-               "                [autobind]\n"
-               "where ADDRESS_POLICY in {" FLAT_RANDOM_ADDR_AUTH "}\n"
-               "      ROUTING_POLICY in {" LINK_STATE_ROUTING " "
-               LINK_STATE_LFA_ROUTING " " LINK_STATE_ECM_ROUTING "}\n"
-               "      CONG_POLICY in {" NONE_CA " " MB_ECN_CA "}\n"
-               "      ALGORITHM in {" SHA3_224 " " SHA3_256 " "
-               SHA3_384 " " SHA3_512 "}\n\n"
-               "if TYPE == " UDP "\n"
-               "                ip <IP address in dotted notation>\n"
-               "                [port <UDP port> (default: %d)]\n"
-               "                [dns <DDNS IP address in dotted notation>"
-               " (default: none)]\n\n"
-               "if TYPE == " ETH_LLC "\n"
-               "                dev <interface name>\n"
-               "                [hash [ALGORITHM] (default: %s)]\n"
-               "where ALGORITHM in {" SHA3_224 " " SHA3_256 " "
-               SHA3_384 " " SHA3_512 "}\n\n"
-               "if TYPE == " ETH_DIX "\n"
-               "                dev <interface name>\n"
-               "                [ethertype <ethertype> (default: 0x%4X)]\n"
-               "                [hash [ALGORITHM] (default: %s)]\n"
-               "where ALGORITHM in {" SHA3_224 " " SHA3_256 " "
-               SHA3_384 " " SHA3_512 "}\n\n"
-               "if TYPE == " LOCAL "\n"
-               "                [hash [ALGORITHM] (default: %s)]\n"
-               "where ALGORITHM in {" SHA3_224 " " SHA3_256 " "
-               SHA3_384 " " SHA3_512 "}\n\n"
-               "if TYPE == " BROADCAST "\n"
-               "                [autobind]\n\n",
-               DEFAULT_ADDR_SIZE, DEFAULT_EID_SIZE, DEFAULT_TTL,
-               FLAT_RANDOM_ADDR_AUTH, LINK_STATE_ROUTING, MB_ECN_CA,
-               SHA3_256, DEFAULT_UDP_PORT, SHA3_256, 0xA000, SHA3_256,
+        printf(usage_str,
+               /* unicast */
+               FLAT_RANDOM, DHT_DIR, SHA3_256, LINK_STATE, MB_ECN_CA,
+               /* dt */
+               DT(addr_size), DT(eid_size), DT(max_ttl),
+               /* dht */
+               DHT(alpha), DHT(k), DHT(t_expire),
+               DHT(t_refresh), DHT(t_replicate),
+               /* ls */
+               default_ls_config.t_recalc, default_ls_config.t_update,
+               default_ls_config.t_timeo,
+               /* udp4 */
+               UD4(port),
+               /* udp6 */
+               UD6(port),
+               /* eth_llc */
+               SHA3_256,
+               /* eth_dix */
+               DIX(ethertype),
+               SHA3_256,
+               /* local */
+               SHA3_256,
+               /* broadcast */
                SHA3_256);
 }
 
@@ -139,26 +180,32 @@ int do_bootstrap_ipcp(int     argc,
         char *                  ipcp           = NULL;
         pid_t                   pid            = -1;
         struct ipcp_config      conf;
-        uint8_t                 addr_size      = DEFAULT_ADDR_SIZE;
-        uint8_t                 eid_size       = DEFAULT_EID_SIZE;
-        uint8_t                 max_ttl        = DEFAULT_TTL;
-        enum pol_addr_auth      addr_auth_type = DEFAULT_ADDR_AUTH;
-        enum pol_routing        routing_type   = DEFAULT_ROUTING;
-        enum pol_dir_hash       hash_algo      = DEFAULT_HASH_ALGO;
-        enum pol_cong_avoid     cong_avoid     = DEFAULT_CONG_AVOID;
-        uint32_t                ip_addr        = 0;
-        uint32_t                dns_addr       = DEFAULT_DDNS;
+        struct dir_config       dir_config     = default_dir_config;
+        uint8_t                 addr_size      = DT(addr_size);
+        uint8_t                 eid_size       = DT(eid_size);
+        uint8_t                 max_ttl        = DT(max_ttl);
+        struct routing_config   routing        = default_routing_config;
+        enum pol_addr_auth      addr_auth_type = UNI(addr_auth_type);
+        enum pol_cong_avoid     cong_avoid     = UNI(cong_avoid);
+        enum pol_dir_hash       hash_algo      = DIR_HASH_SHA3_256;
+        char *                  ipstr          = NULL;
+        char *                  dnsstr         = NULL;
+        struct in_addr          ip4_addr       = {.s_addr = INADDR_ANY};
+        struct in_addr          dns4_addr      = UD4(dns_addr);
+        int                     port4          = UD4(port);
+        struct in6_addr         ip6_addr       = IN6ADDR_ANY_INIT;
+        struct in6_addr         dns6_addr      = UD6(dns_addr);
+        int                     port6          = UD6(port);
         char *                  ipcp_type      = NULL;
         enum ipcp_type          type           = IPCP_INVALID;
         char *                  layer          = NULL;
         char *                  dev            = NULL;
-        uint16_t                ethertype      = DEFAULT_ETHERTYPE;
+        uint16_t                ethertype      = DIX(ethertype);
         struct ipcp_list_info * ipcps;
         ssize_t                 len            = 0;
         int                     i              = 0;
         bool                    autobind       = false;
         int                     cargs;
-        int                     port           = DEFAULT_UDP_PORT;
 
         while (argc > 0) {
                 cargs = 2;
@@ -180,11 +227,9 @@ int do_bootstrap_ipcp(int     argc,
                         else
                                 goto unknown_param;
                 } else if (matches(*argv, "ip") == 0) {
-                        if (inet_pton (AF_INET, *(argv + 1), &ip_addr) != 1)
-                                goto unknown_param;
+                        ipstr = *(argv + 1);
                 } else if (matches(*argv, "dns") == 0) {
-                        if (inet_pton(AF_INET, *(argv + 1), &dns_addr) != 1)
-                                goto unknown_param;
+                        dnsstr = *(argv + 1);
                 } else if (matches(*argv, "device") == 0) {
                         dev = *(argv + 1);
                 } else if (matches(*argv, "ethertype") == 0) {
@@ -206,26 +251,50 @@ int do_bootstrap_ipcp(int     argc,
                 } else if (matches(*argv, "ttl") == 0) {
                         max_ttl = atoi(*(argv + 1));
                 } else if (matches(*argv, "port") == 0) {
-                        port = atoi(*(argv + 1));
+                        port4 = atoi(*(argv + 1));
+                        port6 = port4;
                 } else if (matches(*argv, "autobind") == 0) {
                         autobind = true;
                         cargs = 1;
                 } else if (matches(*argv, "addr_auth") == 0) {
-                        if (strcmp(FLAT_RANDOM_ADDR_AUTH, *(argv + 1)) == 0)
+                        if (strcmp(FLAT_RANDOM, *(argv + 1)) == 0)
                                 addr_auth_type = ADDR_AUTH_FLAT_RANDOM;
                         else
                                 goto unknown_param;
-                } else if (matches(*argv, "routing") == 0) {
-                        if (strcmp(LINK_STATE_ROUTING, *(argv + 1)) == 0)
-                                routing_type = ROUTING_LINK_STATE;
-                        else if (strcmp(LINK_STATE_LFA_ROUTING,
-                                        *(argv + 1)) == 0)
-                                routing_type = ROUTING_LINK_STATE_LFA;
-                        else if (strcmp(LINK_STATE_ECM_ROUTING,
-                                        *(argv + 1)) == 0)
-                                routing_type = ROUTING_LINK_STATE_ECMP;
+                } else if (matches(*argv, "directory") == 0) {
+                        if (strcmp(DHT_DIR, *(argv + 1)) == 0)
+                                dir_config.pol = DIR_DHT;
                         else
                                 goto unknown_param;
+                } else if (matches(*argv, "dht_alpha") == 0) {
+                        dir_config.dht.params.alpha = atoi(*(argv + 1));
+                } else if (matches(*argv, "dht_k") == 0) {
+                        dir_config.dht.params.k = atoi(*(argv + 1));
+                } else if (matches(*argv, "dht_t_expire") == 0) {
+                        dir_config.dht.params.t_expire = atoi(*(argv + 1));
+                } else if (matches(*argv, "dht_t_refresh") == 0) {
+                        dir_config.dht.params.t_refresh = atoi(*(argv + 1));
+                } else if (matches(*argv, "dht_t_replicate") == 0) {
+                        dir_config.dht.params.t_replicate = atoi(*(argv + 1));
+                } else if (matches(*argv, "routing") == 0) {
+                        if (strcmp(LINK_STATE, *(argv + 1)) == 0) {
+                                routing.pol = ROUTING_LINK_STATE;
+                                routing.ls.pol = LS_SIMPLE;
+                        } else if (strcmp(LINK_STATE_LFA, *(argv + 1)) == 0) {
+                                routing.pol = ROUTING_LINK_STATE;
+                                routing.ls.pol = LS_LFA;
+                        } else if (strcmp(LINK_STATE_ECM, *(argv + 1)) == 0) {
+                                routing.pol = ROUTING_LINK_STATE;
+                                routing.ls.pol = LS_ECMP;
+                        } else {
+                                goto unknown_param;
+                        }
+                } else if (matches(*argv, "ls_t_timeo") == 0) {
+                        routing.ls.t_timeo = atoi(*(argv + 1));
+                } else if (matches(*argv, "ls_t_update") == 0) {
+                        routing.ls.t_update = atoi(*(argv + 1));
+                } else if (matches(*argv, "ls_t_recalc") == 0) {
+                        routing.ls.t_recalc = atoi(*(argv + 1));
                 } else if (matches(*argv, "congestion") == 0) {
                         if (strcmp(NONE_CA, *(argv + 1)) == 0)
                                 cong_avoid = CA_NONE;
@@ -257,21 +326,59 @@ int do_bootstrap_ipcp(int     argc,
         }
 
         if (ipcp_type != NULL) {
-                if (strcmp(ipcp_type, UNICAST) == 0)
+                if (matches(ipcp_type, UNICAST) == 0)
                         type = IPCP_UNICAST;
-                else if (strcmp(ipcp_type, BROADCAST) == 0)
+                else if (matches(ipcp_type, BROADCAST) == 0)
                         type = IPCP_BROADCAST;
-                else if (strcmp(ipcp_type, UDP) == 0)
-                        type = IPCP_UDP;
-                else if (strcmp(ipcp_type, ETH_LLC) == 0)
-                        type = IPCP_ETH_LLC;
-                else if (strcmp(ipcp_type, ETH_DIX) == 0)
+                else if (matches(ipcp_type, IP_UDP4) == 0)
+                        type = IPCP_UDP4;
+                else if (matches(ipcp_type, IP_UDP6) == 0)
+                        type = IPCP_UDP6;
+                else if (matches(ipcp_type, ETH_DIX) == 0)
                         type = IPCP_ETH_DIX;
-                else if (strcmp(ipcp_type, LOCAL) == 0)
+                else if (matches(ipcp_type, ETH_LLC) == 0)
+                        type = IPCP_ETH_LLC;
+                else if (matches(ipcp_type, LOCAL) == 0)
                         type = IPCP_LOCAL;
                 else goto fail_usage;
         }
 
+        if (type == IPCP_UDP4) {
+                if (inet_pton (AF_INET, ipstr, &ip4_addr) != 1) {
+                        printf("Invalid IPv4 address: \"%s\".\n", ipstr);
+                        goto fail_usage;
+                }
+
+                if (ip4_addr.s_addr == INADDR_ANY) {
+                        printf("Cannot use IPv4 address: \"%s\".\n", ipstr);
+                        goto fail_usage;
+                }
+
+                if (dnsstr != NULL &&
+                    inet_pton(AF_INET, dnsstr, &dns4_addr) != 1) {
+                        printf("Invalid DNS IPv4 address: \"%s\".\n", dnsstr);
+                        goto fail_usage;
+                }
+        }
+
+        if (type == IPCP_UDP6) {
+                if (inet_pton(AF_INET6, ipstr, &ip6_addr) != 1) {
+                        printf("Invalid IPv6 address: \"%s\".\n", ipstr);
+                        goto fail_usage;
+                }
+
+                if (IN6_IS_ADDR_UNSPECIFIED(&ip6_addr)) {
+                        printf("Cannot use IPv6 address: \"%s\".\n", ipstr);
+                        goto fail_usage;
+                }
+
+                if (dnsstr != NULL &&
+                    inet_pton(AF_INET6, dnsstr, &dns6_addr) != 1) {
+                        printf("Invalid DNS IPv6 address: \"%s\".\n", dnsstr);
+                        goto fail_usage;
+                }
+        }
+
         if (pid == -1) {
                 if (ipcp_type == NULL) {
                         printf("No IPCPs matching %s found.\n\n", ipcp);
@@ -315,16 +422,20 @@ int do_bootstrap_ipcp(int     argc,
                                 conf.unicast.dt.addr_size    = addr_size;
                                 conf.unicast.dt.eid_size     = eid_size;
                                 conf.unicast.dt.max_ttl      = max_ttl;
-                                conf.unicast.dt.routing_type = routing_type;
+                                conf.unicast.dt.routing      = routing;
                                 conf.unicast.addr_auth_type  = addr_auth_type;
                                 conf.unicast.cong_avoid      = cong_avoid;
+                                conf.unicast.dir             = dir_config;
                                 break;
-                        case IPCP_UDP:
-                                if (ip_addr == 0)
-                                        goto fail_usage;
-                                conf.udp.ip_addr  = ip_addr;
-                                conf.udp.dns_addr = dns_addr;
-                                conf.udp.port     = port;
+                        case IPCP_UDP4:
+                                conf.udp4.ip_addr  = ip4_addr;
+                                conf.udp4.dns_addr = dns4_addr;
+                                conf.udp4.port     = port4;
+                                break;
+                        case IPCP_UDP6:
+                                conf.udp6.ip_addr  = ip6_addr;
+                                conf.udp6.dns_addr = dns6_addr;
+                                conf.udp6.port     = port6;
                                 break;
                         case IPCP_ETH_DIX:
                                 conf.eth.ethertype = ethertype;
diff --git a/src/tools/irm/irm_ipcp_create.c b/src/tools/irm/irm_ipcp_create.c
index 35d33782..e2a5c488 100644
--- a/src/tools/irm/irm_ipcp_create.c
+++ b/src/tools/irm/irm_ipcp_create.c
@@ -46,7 +46,8 @@
 
 #define UNICAST                "unicast"
 #define BROADCAST              "broadcast"
-#define UDP                    "udp"
+#define UDP4                   "udp4"
+#define UDP6                   "udp6"
 #define ETH_LLC                "eth-llc"
 #define ETH_DIX                "eth-dix"
 #define LOCAL                  "local"
@@ -57,7 +58,7 @@ static void usage(void)
                "                name <ipcp name>\n"
                "                type [TYPE]\n\n"
                "where TYPE in {" UNICAST " " BROADCAST " " LOCAL " "
-               UDP " " ETH_LLC " " ETH_DIX "}\n");
+               UDP4 " " UDP6 " " ETH_LLC " " ETH_DIX "}\n");
 }
 
 int do_create_ipcp(int     argc,
@@ -92,8 +93,10 @@ int do_create_ipcp(int     argc,
                 type = IPCP_UNICAST;
         else if (strcmp(ipcp_type, BROADCAST) == 0)
                 type = IPCP_BROADCAST;
-        else if (strcmp(ipcp_type, UDP) == 0)
-                type = IPCP_UDP;
+        else if (strcmp(ipcp_type, UDP4) == 0)
+                type = IPCP_UDP4;
+        else if (strcmp(ipcp_type, UDP6) == 0)
+                type = IPCP_UDP6;
         else if (strcmp(ipcp_type, LOCAL) == 0)
                 type = IPCP_LOCAL;
         else if (strcmp(ipcp_type, ETH_LLC) == 0)
diff --git a/src/tools/irm/irm_ipcp_list.c b/src/tools/irm/irm_ipcp_list.c
index dfa3099f..54985eb4 100644
--- a/src/tools/irm/irm_ipcp_list.c
+++ b/src/tools/irm/irm_ipcp_list.c
@@ -48,7 +48,8 @@
 
 #define UNICAST   "unicast"
 #define BROADCAST "broadcast"
-#define UDP       "udp"
+#define UDP4      "udp4"
+#define UDP6      "udp6"
 #define ETH_LLC   "eth-llc"
 #define ETH_DIX   "eth-dix"
 #define LOCAL     "local"
@@ -60,7 +61,7 @@ static void usage(void)
                "                [layer <layer_name>]\n\n"
                "                [type [TYPE]]\n\n"
                "where TYPE = {" UNICAST " " LOCAL " "
-               UDP " " ETH_LLC " " ETH_DIX "}\n");
+               UDP4 " " UDP6 " " ETH_LLC " " ETH_DIX "}\n");
 }
 
 static char * str_type(enum ipcp_type type)
@@ -74,8 +75,10 @@ static char * str_type(enum ipcp_type type)
                 return ETH_LLC;
         case IPCP_ETH_DIX:
                 return ETH_DIX;
-        case IPCP_UDP:
-                return UDP;
+        case IPCP_UDP4:
+                return UDP4;
+        case IPCP_UDP6:
+                return UDP6;
         case IPCP_LOCAL:
                 return LOCAL;
         default:
@@ -113,8 +116,10 @@ int do_list_ipcp(int     argc,
                         type = IPCP_UNICAST;
                 else if (strcmp(ipcp_type, BROADCAST) == 0)
                         type = IPCP_BROADCAST;
-                else if (strcmp(ipcp_type, UDP) == 0)
-                        type = IPCP_UDP;
+                else if (strcmp(ipcp_type, UDP4) == 0)
+                        type = IPCP_UDP4;
+                else if (strcmp(ipcp_type, UDP6) == 0)
+                        type = IPCP_UDP6;
                 else if (strcmp(ipcp_type, LOCAL) == 0)
                         type = IPCP_LOCAL;
                 else if (strcmp(ipcp_type, ETH_LLC) == 0)
diff --git a/src/tools/irm/irm_name_create.c b/src/tools/irm/irm_name_create.c
index a0079cad..b132d355 100644
--- a/src/tools/irm/irm_name_create.c
+++ b/src/tools/irm/irm_name_create.c
@@ -36,31 +36,82 @@
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+#define _POSIX_C_SOURCE 200809L
+#define _XOPEN_SOURCE 500
+
+#include <ouroboros/errno.h>
 #include <ouroboros/irm.h>
 
 #include <stdio.h>
 #include <string.h>
+#include <stdlib.h>
 
 #include "irm_ops.h"
 #include "irm_utils.h"
 
 #define RR    "round-robin"
 #define SPILL "spillover"
+#define SENC  "<security_dir>/server/<name>/enc.conf"
+#define SCRT  "<security_dir>/server/<name>/crt.pem"
+#define SKEY  "<security_dir>/server/<name>/key.pem"
+#define CENC  "<security_dir>/client/<name>/enc.conf"
+#define CCRT  "<security_dir>/client/<name>/crt.pem"
+#define CKEY  "<security_dir>/client/<name>/key.pem"
 
 static void usage(void)
 {
         printf("Usage: irm name create\n"
-               "                <name>\n"
-               "                lb [LB_POLICY], default: %s\n\n"
-               "where LB_POLICY in {" RR " " SPILL "}\n", RR);
+               "                <name>. max %d chars.\n"
+               "                [lb LB_POLICY], default: %s\n"
+               "                [sencpath <path>, default: " SENC "]\n"
+               "                [scrtpath <path>, default: " SCRT "]\n"
+               "                [skeypath <path>, default: " SKEY "]\n"
+               "                [cencpath <path>, default: " CENC "]\n"
+               "                [ccrtpath <path>, default: " CCRT "]\n"
+               "                [ckeypath <path>, default: " CKEY "]\n"
+               "\n"
+               "where LB_POLICY in {" RR " " SPILL "}\n",
+                NAME_SIZE, RR);
+}
+
+static int cp_chk_path(char *       buf,
+                       const char * path)
+{
+        char * rp = realpath(path, NULL);
+        if (rp == NULL) {
+                printf("Failed to check path %s: %s\n.",
+                       path, strerror(errno));
+                goto fail_rp;
+        }
+
+        if (strlen(rp) > NAME_PATH_SIZE) {
+                printf("File path too long: %s.\n", rp);
+                goto fail_len;
+        }
+
+        strcpy(buf, rp);
+        free(rp);
+
+        return 0;
+
+ fail_len:
+        free(rp);
+ fail_rp:
+        return -1;
 }
 
 int do_create_name(int     argc,
                    char ** argv)
 {
-        char * name             = NULL;
-        char * lb_pol           = RR;
-        enum pol_balance pol_lb = LB_RR;
+        struct name_info info = {};
+        char * name = NULL;
+        char * sencpath = NULL;
+        char * scrtpath = NULL;
+        char * skeypath = NULL;
+        char * cencpath = NULL;
+        char * ccrtpath = NULL;
+        char * ckeypath = NULL;
+        char * lb_pol = RR;
 
         name = *(argv++);
         --argc;
@@ -68,6 +119,18 @@ int do_create_name(int     argc,
         while (argc > 0) {
                 if (matches(*argv, "lb") == 0) {
                         lb_pol = *(argv + 1);
+                } else if (matches(*argv, "sencpath") == 0) {
+                        sencpath = *(argv + 1);
+                } else if (matches(*argv, "scrtpath") == 0) {
+                        scrtpath = *(argv + 1);
+                } else if (matches(*argv, "skeypath") == 0) {
+                        skeypath = *(argv + 1);
+                } else if (matches(*argv, "cencpath") == 0) {
+                        cencpath = *(argv + 1);
+                } else if (matches(*argv, "ccrtpath") == 0) {
+                        ccrtpath = *(argv + 1);
+                } else if (matches(*argv, "ckeypath") == 0) {
+                        ckeypath = *(argv + 1);
                 } else {
                         printf("\"%s\" is unknown, try \"irm "
                                "name create\".\n", *argv);
@@ -78,19 +141,45 @@ int do_create_name(int     argc,
                 argv += 2;
         }
 
-        if (name == NULL) {
-                usage();
-                return -1;
+        if (name == NULL)
+                goto fail;
+
+        if (strlen(name) > NAME_SIZE) {
+                printf("Name too long.\n");
+                goto fail;
         }
 
+        strcpy(info.name, name);
+
+        if (sencpath != NULL && cp_chk_path(info.s.enc, sencpath) < 0)
+                goto fail;
+
+        if (scrtpath != NULL && cp_chk_path(info.s.crt, scrtpath) < 0)
+                goto fail;
+
+        if (skeypath != NULL && cp_chk_path(info.s.key, skeypath) < 0)
+                goto fail;
+
+        if (cencpath != NULL && cp_chk_path(info.c.enc, cencpath) < 0)
+                goto fail;
+
+        if (ccrtpath != NULL && cp_chk_path(info.c.crt, ccrtpath) < 0)
+                goto fail;
+
+        if (ckeypath != NULL && cp_chk_path(info.c.key, ckeypath) < 0)
+                goto fail;
+
         if (strcmp(lb_pol, RR) == 0)
-                pol_lb = LB_RR;
+                info.pol_lb = LB_RR;
         else if (strcmp(lb_pol, SPILL) == 0)
-                pol_lb = LB_SPILL;
+                info.pol_lb = LB_SPILL;
         else {
                 usage();
                 return -1;
         }
 
-        return irm_create_name(name, pol_lb);
+        return irm_create_name(&info);
+ fail:
+        usage();
+        return -1;
 }
diff --git a/src/tools/irm/irm_name_reg.c b/src/tools/irm/irm_name_reg.c
index 061ed8be..7689119a 100644
--- a/src/tools/irm/irm_name_reg.c
+++ b/src/tools/irm/irm_name_reg.c
@@ -107,14 +107,23 @@ int do_reg_name(int     argc,
                 return -1;
         }
 
+        if (strlen(name) > NAME_SIZE) {
+                printf("Name too long.\n");
+                usage();
+                return -1;
+        }
+
         ipcps_len = irm_list_ipcps(&ipcps);
-        if (ipcps_len < 0)
-                return ipcps_len;
+        if (ipcps_len <= 0) {
+                printf("Failed to list IPCPs.\n");
+                return -1;
+        }
 
         names_len = irm_list_names(&names);
         if (names_len < 0) {
+                printf("Failed to list names.\n");
                 free(ipcps);
-                return names_len;
+                return -1;
         }
 
         for (i = 0; i < names_len; ++i) {
@@ -124,11 +133,19 @@ int do_reg_name(int     argc,
                 }
         }
 
-        if (name_create && irm_create_name(name, LB_SPILL)) {
-                printf("Error creating name.");
-                free(ipcps);
-                free(name);
-                return -1;
+        if (name_create) {
+                struct name_info info = {
+                        .pol_lb = LB_SPILL
+                };
+
+                strcpy(info.name, name);
+
+                if (irm_create_name(&info) < 0) {
+                        printf("Error creating name.");
+                        free(ipcps);
+                        free(names);
+                        return -1;
+                }
         }
 
         for (i = 0; i < ipcps_len; ++i) {
@@ -136,6 +153,8 @@ int do_reg_name(int     argc,
                 for (j = 0; j < layers_len; j++) {
                         if (wildcard_match(layers[j], ipcps[i].layer) == 0) {
                                 if (irm_reg_name(name, ipcps[i].pid)) {
+                                        printf("Failed to register with %s",
+                                               ipcps[i].layer);
                                         free(ipcps);
                                         free(names);
                                         return -1;
@@ -145,6 +164,8 @@ int do_reg_name(int     argc,
                 for (j = 0; j < ipcp_len; j++) {
                         if (wildcard_match(ipcp[j], ipcps[i].name) == 0) {
                                 if (irm_reg_name(name, ipcps[i].pid)) {
+                                        printf("Failed to register with %s",
+                                               ipcps[i].name);
                                         free(ipcps);
                                         free(names);
                                         return -1;
diff --git a/src/tools/obc/CMakeLists.txt b/src/tools/obc/CMakeLists.txt
deleted file mode 100644
index db5e999b..00000000
--- a/src/tools/obc/CMakeLists.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-
-include_directories(${CMAKE_SOURCE_DIR}/include)
-include_directories(${CMAKE_BINARY_DIR}/include)
-
-set(SOURCE_FILES
-  # Add source files here
-  obc.c
-  )
-
-add_executable(obc ${SOURCE_FILES})
-
-target_link_libraries(obc LINK_PUBLIC ouroboros-dev)
-
-install(TARGETS obc RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/tools/obc/obc.c b/src/tools/obc/obc.c
index 462cbea9..778eb8a8 100644
--- a/src/tools/obc/obc.c
+++ b/src/tools/obc/obc.c
@@ -63,7 +63,7 @@ static int reader_main(const char * dst)
 
         printf("Starting a reader.\n");
 
-        fd = flow_join(dst, NULL, NULL);
+        fd = flow_join(dst, NULL);
         if (fd < 0) {
                 printf("Failed to join broadcast.\n");
                 return -1;
@@ -91,7 +91,7 @@ static int writer_main(const char * dst,
         int     fd  = 0;
         size_t  len = strlen(message) + 1;
 
-        fd = flow_join(dst, NULL, NULL);
+        fd = flow_join(dst, NULL);
         if (fd < 0) {
                 printf("Failed to join broadcast.\n");
                 return -1;
diff --git a/src/tools/ocbr/CMakeLists.txt b/src/tools/ocbr/CMakeLists.txt
deleted file mode 100644
index f7ba66cd..00000000
--- a/src/tools/ocbr/CMakeLists.txt
+++ /dev/null
@@ -1,21 +0,0 @@
-include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-
-include_directories(${CMAKE_SOURCE_DIR}/include)
-include_directories(${CMAKE_BINARY_DIR}/include)
-
-get_filename_component(CURRENT_SOURCE_PARENT_DIR
-  ${CMAKE_CURRENT_SOURCE_DIR} DIRECTORY)
-
-include_directories(${CURRENT_SOURCE_PARENT_DIR})
-
-set(SOURCE_FILES
-  # Add source files here
-  ocbr.c
-  )
-
-add_executable(ocbr ${SOURCE_FILES})
-
-target_link_libraries(ocbr LINK_PUBLIC ouroboros-dev)
-
-install(TARGETS ocbr RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/tools/ocbr/ocbr_client.c b/src/tools/ocbr/ocbr_client.c
index ba7b41f4..eada6e60 100644
--- a/src/tools/ocbr/ocbr_client.c
+++ b/src/tools/ocbr/ocbr_client.c
@@ -129,7 +129,7 @@ int client_main(char * server,
 
                         ++seqnr;
 
-                        if (ts_diff_us(&start, &end) / MILLION >= duration)
+                        if (ts_diff_us(&end, &start) / MILLION >= duration)
                                 stop = true;
                 }
         } else { /* flood */
@@ -142,7 +142,7 @@ int client_main(char * server,
 
                         ++seqnr;
 
-                        if (ts_diff_us(&start, &end) / MILLION
+                        if (ts_diff_us(&end, &start) / MILLION
                             >= (long) duration)
                                 stop = true;
                 }
@@ -151,7 +151,7 @@ int client_main(char * server,
 
         clock_gettime(CLOCK_REALTIME, &end);
 
-        ms = ts_diff_ms(&start, &end);
+        ms = ts_diff_ms(&end, &start);
 
         printf("sent statistics: "
                "%9ld packets, %12ld bytes in %9d ms, %4.4f Mb/s\n",
diff --git a/src/tools/ocbr/ocbr_server.c b/src/tools/ocbr/ocbr_server.c
index a4bbadd4..34c4fa94 100644
--- a/src/tools/ocbr/ocbr_server.c
+++ b/src/tools/ocbr/ocbr_server.c
@@ -114,14 +114,14 @@ static void handle_flow(int fd)
                         bytes_read += count;
                 }
 
-                if (ts_diff_us(&alive, &now)
+                if (ts_diff_us(&now, &alive)
                     > server_settings.timeout * MILLION) {
                         printf("Test on flow %d timed out\n", fd);
                         stop = true;
                 }
 
-                if (stop || ts_diff_ms(&now, &iv_end) < 0) {
-                        long us = ts_diff_us(&iv_start, &now);
+                if (stop || ts_diff_ms(&now, &iv_end) > 0) {
+                        long us = ts_diff_us(&now, &iv_start);
                         printf("Flow %4d: %9ld packets (%12ld bytes) in %9ld ms"
                                " => %9.4f pps, %9.4f Mbps\n",
                                fd,
diff --git a/src/tools/oecho/CMakeLists.txt b/src/tools/oecho/CMakeLists.txt
deleted file mode 100644
index 50a66138..00000000
--- a/src/tools/oecho/CMakeLists.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-
-include_directories(${CMAKE_SOURCE_DIR}/include)
-include_directories(${CMAKE_BINARY_DIR}/include)
-
-set(SOURCE_FILES
-  # Add source files here
-  oecho.c
-  )
-
-add_executable(oecho ${SOURCE_FILES})
-
-target_link_libraries(oecho LINK_PUBLIC ouroboros-dev)
-
-install(TARGETS oecho RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/tools/operf/CMakeLists.txt b/src/tools/operf/CMakeLists.txt
deleted file mode 100644
index b6faf04e..00000000
--- a/src/tools/operf/CMakeLists.txt
+++ /dev/null
@@ -1,26 +0,0 @@
-include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-
-include_directories(${CMAKE_SOURCE_DIR}/include)
-include_directories(${CMAKE_BINARY_DIR}/include)
-
-get_filename_component(CURRENT_SOURCE_PARENT_DIR
-  ${CMAKE_CURRENT_SOURCE_DIR} DIRECTORY)
-
-include_directories(${CURRENT_SOURCE_PARENT_DIR})
-
-find_library(LIBM_LIBRARIES m)
-if(NOT LIBM_LIBRARIES)
-  message(FATAL_ERROR "libm not found")
-endif()
-
-set(SOURCE_FILES
-  # Add source files here
-  operf.c
-  )
-
-add_executable(operf ${SOURCE_FILES})
-
-target_link_libraries(operf LINK_PUBLIC ${LIBM_LIBRARIES} ouroboros-dev)
-
-install(TARGETS operf RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/tools/operf/operf.c b/src/tools/operf/operf.c
index 10896bd5..3263d3bf 100644
--- a/src/tools/operf/operf.c
+++ b/src/tools/operf/operf.c
@@ -54,7 +54,6 @@
 #include <stdlib.h>
 #include <sys/time.h>
 #include <arpa/inet.h>
-#include <math.h>
 #include <errno.h>
 #include <float.h>
 
diff --git a/src/tools/operf/operf_client.c b/src/tools/operf/operf_client.c
index 63f98299..7060ce5b 100644
--- a/src/tools/operf/operf_client.c
+++ b/src/tools/operf/operf_client.c
@@ -133,7 +133,7 @@ void * writer(void * o)
         clock_gettime(CLOCK_REALTIME, &start);
         clock_gettime(CLOCK_REALTIME, &now);
 
-        while (!stop && ts_diff_ms(&start, &now) < client.duration) {
+        while (!stop && ts_diff_ms(&now, &start) > client.duration) {
                 if (!client.flood) {
                         clock_gettime(CLOCK_REALTIME, &now);
                         ts_add(&now, &intv, &end);
@@ -230,10 +230,10 @@ int client_main(void)
                 printf("%ld received, ", client.rcvd);
                 printf("%ld%% packet loss, ", client.sent == 0 ? 0 :
                        100 - ((100 * client.rcvd) / client.sent));
-                printf("time: %.3f ms, ", ts_diff_us(&tic, &toc) / 1000.0);
+                printf("time: %.3f ms, ", ts_diff_us(&toc, &tic) / 1000.0);
                 printf("bandwidth: %.3lf Mb/s.\n",
                        (client.rcvd * client.size * 8)
-                       / (double) ts_diff_us(&tic, &toc));
+                       / (double) ts_diff_us(&toc, &tic));
         }
 
         flow_dealloc(fd);
diff --git a/src/tools/operf/operf_server.c b/src/tools/operf/operf_server.c
index d11f3486..a611f79c 100644
--- a/src/tools/operf/operf_server.c
+++ b/src/tools/operf/operf_server.c
@@ -66,7 +66,7 @@ void * cleaner_thread(void * o)
                 pthread_mutex_lock(&server.lock);
                 for (i = 0; i < OPERF_MAX_FLOWS; ++i)
                         if (fset_has(server.flows, i) &&
-                            ts_diff_ms(&server.times[i], &now)
+                            ts_diff_ms(&now, &server.times[i])
                             > server.timeout) {
                                 printf("Flow %d timed out.\n", i);
                                 fset_del(server.flows, i);
diff --git a/src/tools/oping/CMakeLists.txt b/src/tools/oping/CMakeLists.txt
deleted file mode 100644
index 31a4f961..00000000
--- a/src/tools/oping/CMakeLists.txt
+++ /dev/null
@@ -1,28 +0,0 @@
-include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-
-include_directories(${CMAKE_SOURCE_DIR}/include)
-include_directories(${CMAKE_BINARY_DIR}/include)
-
-get_filename_component(CURRENT_SOURCE_PARENT_DIR
-  ${CMAKE_CURRENT_SOURCE_DIR} DIRECTORY)
-
-include_directories(${CURRENT_SOURCE_PARENT_DIR})
-
-find_library(LIBM_LIBRARIES m)
-if(NOT LIBM_LIBRARIES)
-  message(FATAL_ERROR "libm not found")
-endif()
-
-mark_as_advanced(LIBM_LIBRARIES)
-
-set(SOURCE_FILES
-  # Add source files here
-  oping.c
-  )
-
-add_executable(oping ${SOURCE_FILES})
-
-target_link_libraries(oping LINK_PUBLIC ${LIBM_LIBRARIES} ouroboros-dev)
-
-install(TARGETS oping RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/tools/oping/oping.c b/src/tools/oping/oping.c
index ed3529e5..47b86c68 100644
--- a/src/tools/oping/oping.c
+++ b/src/tools/oping/oping.c
@@ -75,12 +75,14 @@
 "\n"                                                                         \
 "  -c, --count             Number of packets\n"                              \
 "  -d, --duration          Duration of the test (default 1s)\n"              \
+"  -f, --flood             Send back-to-back without waiting\n"              \
 "  -i, --interval          Interval (default 1000ms)\n"                      \
 "  -n, --server-name       Name of the oping server\n"                       \
-"  -q, --qos               QoS (raw, raw_crypt, best, video, voice, data)\n" \
+"  -q, --qos               QoS (raw, best, video, voice, data)\n" \
 "  -s, --size              Payload size (B, default 64)\n"                   \
 "  -Q, --quiet             Only print final statistics\n"                    \
 "  -D, --timeofday         Print time of day before each line\n"             \
+"      --poll              Server uses polling (lower latency)\n"            \
 "\n"                                                                         \
 "      --help              Display this help text and exit\n"                \
 
@@ -90,6 +92,7 @@ struct {
         uint32_t  count;
         int       size;
         bool      timestamp;
+        bool      flood;
         qosspec_t qs;
 
         /* stats */
@@ -114,6 +117,7 @@ struct {
         pthread_mutex_t lock;
 
         bool quiet;
+        bool poll;
 
         pthread_t cleaner_pt;
         pthread_t accept_pt;
@@ -172,9 +176,11 @@ int main(int     argc,
         client.size      = 64;
         client.count     = INT_MAX;
         client.timestamp = false;
+        client.flood     = false;
         client.qs        = qos_raw;
         client.quiet     = false;
         server.quiet     = false;
+        server.poll      = false;
 
         while (argc > 0) {
                 if ((strcmp(*argv, "-i") == 0 ||
@@ -212,6 +218,9 @@ int main(int     argc,
                 } else if (strcmp(*argv, "-l") == 0 ||
                            strcmp(*argv, "--listen") == 0) {
                         serv = true;
+                } else if (strcmp(*argv, "-f") == 0 ||
+                           strcmp(*argv, "--flood") == 0) {
+                        client.flood = true;
                 } else if (strcmp(*argv, "-D") == 0 ||
                            strcmp(*argv, "--timeofday") == 0) {
                         client.timestamp = true;
@@ -219,6 +228,8 @@ int main(int     argc,
                            strcmp(*argv, "--quiet") == 0) {
                         client.quiet = true;
                         server.quiet = true;
+                } else if (strcmp(*argv, "--poll") == 0) {
+                        server.poll = true;
                 } else {
                         goto fail;
                 }
@@ -244,8 +255,6 @@ int main(int     argc,
                         client.qs = qos_voice;
                 else if (strcmp(qos, "data") == 0)
                         client.qs = qos_data;
-                else if (strcmp(qos, "raw_crypt") == 0)
-                        client.qs = qos_raw_crypt;
                 else
                         printf("Unknown QoS cube, defaulting to raw.\n");
         }
diff --git a/src/tools/oping/oping_client.c b/src/tools/oping/oping_client.c
index 7b03c83d..1513eac8 100644
--- a/src/tools/oping/oping_client.c
+++ b/src/tools/oping/oping_client.c
@@ -53,6 +53,20 @@ void shutdown_client(int signo, siginfo_t * info, void * c)
         }
 }
 
+static void update_rtt_stats(double ms)
+{
+        double d;
+
+        if (ms < client.rtt_min)
+                client.rtt_min = ms;
+        if (ms > client.rtt_max)
+                client.rtt_max = ms;
+
+        d = (ms - client.rtt_avg);
+        client.rtt_avg += d / client.rcvd;
+        client.rtt_m2 += d * (ms - client.rtt_avg);
+}
+
 void * reader(void * o)
 {
         struct timespec timeout = {client.interval / 1000 + 2, 0};
@@ -64,7 +78,6 @@ void * reader(void * o)
         int                fd      = *((int *) o);
         int                msg_len = 0;
         double             ms      = 0;
-        double             d       = 0;
         uint32_t           exp_id  = 0;
 
         fccntl(fd, FLOWSRCVTIMEO, &timeout);
@@ -100,7 +113,7 @@ void * reader(void * o)
                 sent.tv_sec = msg->tv_sec;
                 sent.tv_nsec = msg->tv_nsec;
 
-                ms = ts_diff_us(&sent, &now) / 1000.0;
+                ms = ts_diff_us(&now, &sent) / 1000.0;
 
                 if (id < exp_id)
                         ++client.ooo;
@@ -122,14 +135,7 @@ void * reader(void * o)
                                id < exp_id ? " [out-of-order]" : "");
                 }
 
-                if (ms < client.rtt_min)
-                        client.rtt_min = ms;
-                if (ms > client.rtt_max)
-                        client.rtt_max = ms;
-
-                d = (ms - client.rtt_avg);
-                client.rtt_avg += d / client.rcvd;
-                client.rtt_m2 += d * (ms - client.rtt_avg);
+                update_rtt_stats(ms);
 
                 if (id >= exp_id)
                         exp_id = id + 1;
@@ -204,13 +210,103 @@ static void client_fini(void)
         return;
 }
 
+static void print_stats(struct timespec * tic,
+                        struct timespec * toc)
+{
+        printf("\n");
+        printf("--- %s ping statistics ---\n", client.s_apn);
+        printf("%d packets transmitted, ", client.sent);
+        printf("%d received, ", client.rcvd);
+        printf("%zd out-of-order, ", client.ooo);
+        printf("%.0lf%% packet loss, ", client.sent == 0 ? 0 :
+               ceil(100 - (100 * (client.rcvd / (float) client.sent))));
+        printf("time: %.3f ms\n", ts_diff_us(toc, tic) / 1000.0);
+
+        if (client.rcvd > 0) {
+                printf("rtt min/avg/max/mdev = %.3f/%.3f/%.3f/",
+                       client.rtt_min,
+                       client.rtt_avg,
+                       client.rtt_max);
+                if (client.rcvd > 1)
+                        printf("%.3f ms\n",
+                               sqrt(client.rtt_m2 / (client.rcvd - 1)));
+                else
+                        printf("NaN ms\n");
+        }
+}
+
+static int flood_ping(int fd)
+{
+        char buf[OPING_BUF_SIZE];
+        struct oping_msg * msg = (struct oping_msg *) buf;
+        struct timespec sent;
+        struct timespec rcvd;
+        double ms;
+
+        memset(buf, 0, client.size);
+
+        if (!client.quiet)
+                printf("Pinging %s with %d bytes of data (%u packets):\n\n",
+                       client.s_apn, client.size, client.count);
+
+        while (!stop && client.sent < client.count) {
+                clock_gettime(CLOCK_MONOTONIC, &sent);
+
+                msg->type = htonl(ECHO_REQUEST);
+                msg->id = htonl(client.sent);
+                msg->tv_sec = sent.tv_sec;
+                msg->tv_nsec = sent.tv_nsec;
+
+                if (flow_write(fd, buf, client.size) < 0) {
+                        printf("Failed to send packet.\n");
+                        break;
+                }
+
+                ++client.sent;
+
+                if (flow_read(fd, buf, OPING_BUF_SIZE) < 0) {
+                        printf("Failed to read packet.\n");
+                        break;
+                }
+
+                clock_gettime(CLOCK_MONOTONIC, &rcvd);
+
+                if (ntohl(msg->type) != ECHO_REPLY)
+                        continue;
+
+                ++client.rcvd;
+
+                sent.tv_sec = msg->tv_sec;
+                sent.tv_nsec = msg->tv_nsec;
+                ms = ts_diff_us(&rcvd, &sent) / 1000.0;
+
+                update_rtt_stats(ms);
+
+                if (!client.quiet)
+                        printf("%d bytes from %s: seq=%d time=%.3f ms\n",
+                               client.size, client.s_apn,
+                               ntohl(msg->id), ms);
+        }
+
+        return 0;
+}
+
+static int threaded_ping(int fd)
+{
+        pthread_create(&client.reader_pt, NULL, reader, &fd);
+        pthread_create(&client.writer_pt, NULL, writer, &fd);
+
+        pthread_join(client.writer_pt, NULL);
+        pthread_join(client.reader_pt, NULL);
+
+        return 0;
+}
+
 static int client_main(void)
 {
         struct sigaction sig_act;
-
         struct timespec tic;
         struct timespec toc;
-
         int fd;
 
         memset(&sig_act, 0, sizeof sig_act);
@@ -241,37 +337,16 @@ static int client_main(void)
 
         clock_gettime(CLOCK_REALTIME, &tic);
 
-        pthread_create(&client.reader_pt, NULL, reader, &fd);
-        pthread_create(&client.writer_pt, NULL, writer, &fd);
-
-        pthread_join(client.writer_pt, NULL);
-        pthread_join(client.reader_pt, NULL);
+        if (client.flood)
+                flood_ping(fd);
+        else
+                threaded_ping(fd);
 
         clock_gettime(CLOCK_REALTIME, &toc);
 
-        printf("\n");
-        printf("--- %s ping statistics ---\n", client.s_apn);
-        printf("%d packets transmitted, ", client.sent);
-        printf("%d received, ", client.rcvd);
-        printf("%zd out-of-order, ", client.ooo);
-        printf("%.0lf%% packet loss, ", client.sent == 0 ? 0 :
-               ceil(100 - (100 * (client.rcvd / (float) client.sent))));
-        printf("time: %.3f ms\n", ts_diff_us(&tic, &toc) / 1000.0);
-
-        if (client.rcvd > 0) {
-                printf("rtt min/avg/max/mdev = %.3f/%.3f/%.3f/",
-                       client.rtt_min,
-                       client.rtt_avg,
-                       client.rtt_max);
-                if (client.rcvd > 1)
-                        printf("%.3f ms\n",
-                               sqrt(client.rtt_m2 / (client.rcvd - 1)));
-                else
-                        printf("NaN ms\n");
-        }
+        print_stats(&tic, &toc);
 
         flow_dealloc(fd);
-
         client_fini();
 
         return 0;
diff --git a/src/tools/oping/oping_server.c b/src/tools/oping/oping_server.c
index 6f76869c..13ab8f47 100644
--- a/src/tools/oping/oping_server.c
+++ b/src/tools/oping/oping_server.c
@@ -36,6 +36,8 @@
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+ #include <ouroboros/hash.h>
+
 void shutdown_server(int signo, siginfo_t * info, void * c)
 {
         (void) info;
@@ -67,7 +69,7 @@ void * cleaner_thread(void * o)
                                 time_t diff;
 
                                 pthread_mutex_lock(&server.lock);
-                                diff = ts_diff_ms(&server.times[i], &now);
+                                diff = ts_diff_ms(&now, &server.times[i]);
                                 pthread_mutex_unlock(&server.lock);
 
                                 if (diff > deadline_ms) {
@@ -87,12 +89,15 @@ void * server_thread(void *o)
         struct oping_msg * msg = (struct oping_msg *) buf;
         struct timespec now = {0, 0};
         struct timespec timeout = {0, 100 * MILLION};
+        struct timespec poll_timeout = {0, 0};
         int fd;
 
         (void) o;
 
         while (true) {
-                if (fevent(server.flows, server.fq, &timeout) == -ETIMEDOUT)
+                if (fevent(server.flows, server.fq,
+                           server.poll ? &poll_timeout : &timeout)
+                    == -ETIMEDOUT)
                         continue;
 
                 while ((fd = fqueue_next(server.fq)) >= 0) {
@@ -100,14 +105,15 @@ void * server_thread(void *o)
                         if (msg_len < 0)
                                 continue;
 
+                        if (!server.quiet)
+                                printf("Received %d bytes on fd %d.\n",
+                                       msg_len, fd);
+
                         if (ntohl(msg->type) != ECHO_REQUEST) {
                                 printf("Invalid message on fd %d.\n", fd);
                                 continue;
                         }
 
-                        if (!server.quiet)
-                                printf("Received %d bytes on fd %d.\n", msg_len, fd);
-
                         clock_gettime(CLOCK_REALTIME, &now);
 
                         pthread_mutex_lock(&server.lock);
@@ -137,8 +143,8 @@ void * accept_thread(void * o)
         while (true) {
                 fd = flow_accept(&qs, NULL);
                 if (fd < 0) {
-                        printf("Failed to accept flow.\n");
-                        break;
+                        printf("Failed to accept flow: %d \n", fd);
+                        continue;
                 }
 
                 printf("New flow %d.\n", fd);
diff --git a/src/tools/ovpn/CMakeLists.txt b/src/tools/ovpn/CMakeLists.txt
deleted file mode 100644
index f3a2cac8..00000000
--- a/src/tools/ovpn/CMakeLists.txt
+++ /dev/null
@@ -1,21 +0,0 @@
-include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-
-include_directories(${CMAKE_SOURCE_DIR}/include)
-include_directories(${CMAKE_BINARY_DIR}/include)
-
-get_filename_component(CURRENT_SOURCE_PARENT_DIR
-  ${CMAKE_CURRENT_SOURCE_DIR} DIRECTORY)
-
-include_directories(${CURRENT_SOURCE_PARENT_DIR})
-
-set(SOURCE_FILES
-  # Add source files here
-  ovpn.c
-  )
-
-add_executable(ovpn ${SOURCE_FILES})
-
-target_link_libraries(ovpn LINK_PUBLIC ouroboros-dev)
-
-install(TARGETS ovpn RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/tools/ovpn/ovpn.c b/src/tools/ovpn/ovpn.c
index 5333ff40..b25e3ea2 100644
--- a/src/tools/ovpn/ovpn.c
+++ b/src/tools/ovpn/ovpn.c
@@ -68,7 +68,6 @@ static void usage(void)
                "server to connect to\n"
                "  -i, --ip                  IP address to give to TUN device\n"
                "  -m, --mask                Subnet mask to give to TUN device\n"
-               "  -C, --crypt               AES encryption (default: off)\n"
                "\n"
                "      --help                Display this help text and exit\n");
 }
@@ -194,7 +193,6 @@ int main(int     argc,
                 {{"ip",    required_argument, NULL, 'i'},
                  {"mask",  required_argument, NULL, 'm'},
                  {"name",  required_argument, NULL, 'n'},
-                 {"crypt", no_argument,       NULL, 'C'},
                  {"help",  no_argument,       NULL, 'h'},
                  {NULL,    0,                 NULL, 0}
                 };
@@ -231,9 +229,6 @@ int main(int     argc,
                 case 'n':
                         name = optarg;
                         break;
-                case 'C':
-                        qs = qos_raw_crypt;
-                        break;
                 case 'h':
                         usage();
                         exit(EXIT_SUCCESS);
diff --git a/src/tools/time_utils.h b/src/tools/time_utils.h
index c17282dc..a4117f44 100644
--- a/src/tools/time_utils.h
+++ b/src/tools/time_utils.h
@@ -53,17 +53,17 @@
 #include <sys/time.h>
 
 /* functions for timespecs */
-#define ts_diff_ns(t0, tx) (((tx)->tv_sec - (t0)->tv_sec) * BILLION     \
+#define ts_diff_ns(tx, t0) (((tx)->tv_sec - (t0)->tv_sec) * BILLION     \
                             + ((tx)->tv_nsec - (t0)->tv_nsec))
-#define ts_diff_us(t0, tx) (((tx)->tv_sec - (t0)->tv_sec) * MILLION     \
+#define ts_diff_us(tx, t0) (((tx)->tv_sec - (t0)->tv_sec) * MILLION     \
                             + ((tx)->tv_nsec - (t0)->tv_nsec) / 1000L)
-#define ts_diff_ms(t0, tx) (((tx)->tv_sec - (t0)->tv_sec) * 1000L       \
+#define ts_diff_ms(tx, t0) (((tx)->tv_sec - (t0)->tv_sec) * 1000L       \
                             + ((tx)->tv_nsec - (t0)->tv_nsec) / MILLION)
 
 /* functions for timevals are the same */
-#define tv_diff_us(t0, tx) (((tx)->tv_sec - (t0)->tv_sec) * MILLION     \
+#define tv_diff_us(tx, t0) (((tx)->tv_sec - (t0)->tv_sec) * MILLION     \
                             + ((tx)->tv_usec - (t0)->tv_usec) / 1000L)
-#define tv_diff_ms(t0, tx) (((tx)->tv_sec - (t0)->tv_sec) * 1000L       \
+#define tv_diff_ms(tx, t0) (((tx)->tv_sec - (t0)->tv_sec) * 1000L       \
                             + ((tx)->tv_usec - (t0)->tv_usec) / MILLION)
 
 /* functions for timespecs */