How to encrypt Erlang rpc calls (and Mnesia replication) and other traffic?

Question

I believe that internode communication is taking place in the clear and that the cookie value is strictly used for authentication. (I do not have any proof as yet).

1. How do I encrypt internode communication?
2. How do I encrypt Mnesia replication messages?
3. How do I configure my firewall and packet filters to permit these messages to pass through?
4. How do I prevent snooping of my Erlang traffic?

Answer 1

Well, since it all runs over IP, one option would be to use IPSec between your nodes. Encrypted VPN connections could also do the trick. Neither of these require any changes on the Erlang side of things, nor will the Erlang programs or runtime be aware that the encryption is happening, except in the (hopefully) rare case of attacks that cause communication to fail, in which case it will look as if the other node is down.