IP Multicasting and Mobile IP
Christophe Jelger
Post-doctoral researcher
Christophe Jelger – CS221 Network and Security - Universität Basel - 2005

Plan
  IP Multicast
    General concept
    Subscriptions (IGMP, MLD)
    Multicast routing
      Shared trees
      Source-based trees
  Mobile IP
    General concept
    Mobile IPv4
    Mobile IPv6
Christophe Jelger – CS221 Network and Security - Universität Basel - 2007

IP Multicast
  Group communications at the network layer

Unicast streaming
  [Figure: unicast streaming diagram]

Multicast streaming
  [Figure: multicast streaming diagram with the label "Multicast Tree"]

IP Multicast: address range (see http://www.iana.org)
  IPv4
    Class-D addresses: 224.0.0.0 to 239.255.255.255 (224.0.0.0/28, or 16 Class-A networks!)
    Some special addresses …
      224.0.0.1 = all multicast-capable hosts
      224.0.0.2 = all multicast routers
      224.0.0.13 = all PIM routers
  IPv6
    ff0x::/8 where x is the scope (2=local, 5=site, e=global)
    Some special addresses …
      ff02::1 all nodes on link, ff02::2 all routers on link
      ff02::16 all MLDv2 multicast routers
      ff02::d all PIM multicast routers

IP Multicast: IP to Ethernet mapping
  IPv4
    Ethernet multicast (first 24 bits): 01:00:5E + 0 for 25th bit
    → 23 bits available to map the IPv4 address to an Ethernet address
    → the least significant bits are mapped
    Ex: 224.129.47.23 → 01:00:5E:01:2F:17
  IPv6
    Ethernet multicast (first 16 bits): 33:33
    → 32 bits available to map the IPv6 address
    → the least significant bits are mapped
    Ex: ff05::207:85ff:fe92:7ff8 → 33:33:fe:92:7f:f8
  In both cases, the Ethernet layer acts as an imperfect filter

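Added example, not part of the original slides: the two mappings above in Python, plus the reason the Ethernet filter is imperfect. For IPv4, 32 different groups share each MAC address, so the IP layer has to re-check the destination group. The function names are hypothetical.

```python
import ipaddress

def ipv4_mcast_mac(group: str) -> str:
    """01:00:5e, a 0 bit, then the 23 least significant bits of the group."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast address")
    low23 = int(addr) & 0x7FFFFF
    return "01:00:5e:" + ":".join(f"{b:02x}" for b in low23.to_bytes(3, "big"))

def ipv6_mcast_mac(group: str) -> str:
    """33:33, then the 32 least significant bits of the group."""
    addr = ipaddress.IPv6Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv6 multicast address")
    low32 = int(addr) & 0xFFFFFFFF
    return "33:33:" + ":".join(f"{b:02x}" for b in low32.to_bytes(4, "big"))

def ipv4_aliases(group: str) -> list:
    """Every IPv4 group the Ethernet filter cannot tell apart from `group`.

    The first 4 bits of a class-D address are fixed (1110) and the last 23
    are copied into the MAC, so the 5 bits in between are lost: 32 aliases.
    """
    low23 = int(ipaddress.IPv4Address(group)) & 0x7FFFFF
    return [str(ipaddress.IPv4Address((0b1110 << 28) | (lost << 23) | low23))
            for lost in range(32)]

def nic_accepts(subscribed: list, frame_group: str) -> bool:
    """Ethernet-level filter: it only sees the destination MAC address."""
    return ipv4_mcast_mac(frame_group) in {ipv4_mcast_mac(g) for g in subscribed}

def ip_layer_accepts(subscribed: list, frame_group: str) -> bool:
    """IP-level filter: compares the full group address."""
    wanted = {ipaddress.IPv4Address(g) for g in subscribed}
    return ipaddress.IPv4Address(frame_group) in wanted

if __name__ == "__main__":
    print(ipv4_mcast_mac("224.129.47.23"), ipv6_mcast_mac("ff05::207:85ff:fe92:7ff8"))
    print(nic_accepts(["224.129.47.23"], "239.1.47.23"),
          ip_layer_accepts(["224.129.47.23"], "239.1.47.23"))
```

A host subscribed only to 224.129.47.23 still receives frames for 239.1.47.23 at the Ethernet level; the IP-level check is what drops them.
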
IP Multicast: Step 1 → group subscription
  IPv4: Internet Group Membership Protocol (IGMP)
  IPv6: Multicast Listener Discovery (MLD)
  Objective: a multicast router must periodically discover nodes that want to join a certain group
    The router can then join the appropriate multicast delivery tree
    The router only needs to know if there is some interest for a group: it does not need to know exactly how many nodes are interested
  There exist different versions of IGMP and MLD: the main difference is the ability to perform "source-filtering" (so that only the traffic sent by one or more given sources is received)

IP Multicast: group subscription with MLD
(subscription with IGMP is similar)
  [Figure labels: JOIN multicast group ff0e::1234:5678; Multicast router; MLD Query; MLD Report; Multicast DATA sent to 33:33:12:34:56:78 / ff0e::1234:5678]
  Group: ff0e::1234:5678/64
  → MAC: 33:33:12:34:56:78

IP Multicast: Step 2 → Multicast routing
  Objective is to build the multicast delivery tree(s)
  Two families of trees:
    Shared-trees (*,G): the tree is shared by all (*) multicast sources sending to group G
    Source-based trees (S,G): only a given source S can send multicast data on the delivery tree for group G
  There have been many protocols for multicast routing, but today the only protocol deployed is PIM: Protocol Independent Multicast
    PIM-SM: Sparse-Mode (shared trees)
    PIM-SSM: Source-Specific Multicast (source-based trees)

IP Multicast: Step 2 → Multicast routing
  [Figure: two panels, "Source-based tree (PIM-SSM)" and "Shared tree (PIM-SM)". Labels: Source S1; Source S2; routers 1 to 7; (S1,G); (S2,G); (*,G); Rendez-Vous Point. Legend: PIM router with group member(s); PIM JOIN message]

IP Multicast: some conclusions
  IP Multicast is very suitable for
    Group communications with multiple sources and receivers (shared tree): known as N-to-M communication
      Video-conferencing, network games
    Group communications with one source and multiple receivers (source-based tree): known as 1-to-M communication
      TV and radio streaming, content distribution
  Current deployment of IP Multicast is not large
    Lack of security: a misbehaving user can create forwarding states by joining hundreds of groups
    Billing: who should pay for what?
    Source discovery across AS (Autonomous Systems) is complex

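Added example, not part of the original slides: one way a router could bound the forwarding state a single host can create through IGMP/MLD reports. The class, the cap value and the sample reports are constructed for illustration; keying the cap on the reporting address is an assumption of this sketch.

```python
import ipaddress

class GroupStateTable:
    """Forwarding state per group, with a cap on state created by one host."""

    def __init__(self, max_new_groups_per_host: int = 8):
        self.max_new = max_new_groups_per_host
        self.groups = {}    # group -> host whose report created the state
        self.rejected = {}  # host -> number of refused reports

    def report(self, host: str, group: str) -> bool:
        """Process one IGMP/MLD report; True if the group has state afterwards."""
        grp = ipaddress.ip_address(group)
        if not grp.is_multicast:
            raise ValueError(f"{group} is not a multicast address")
        key = str(grp)
        if key in self.groups:
            # The tree is already joined: the router only needs to know that
            # some interest exists, so this report creates no new state.
            return True
        created = sum(1 for h in self.groups.values() if h == host)
        if created >= self.max_new:
            self.rejected[host] = self.rejected.get(host, 0) + 1
            return False
        self.groups[key] = host
        return True

def constructed_reports() -> list:
    """Constructed sample: one host reports 300 groups, two hosts share one."""
    flood = [("fe80::bad", f"ff0e::1:{i:x}") for i in range(300)]
    normal = [("fe80::a", "ff0e::1234:5678"), ("fe80::b", "ff0e::1234:5678")]
    return flood + normal

def replay(cap: int):
    """Feed the sample reports to a table; return (state count, refusals)."""
    table = GroupStateTable(cap)
    for host, group in constructed_reports():
        table.report(host, group)
    return len(table.groups), table.rejected

if __name__ == "__main__":
    print("cap 8   :", replay(8))
    print("cap 1000:", replay(1000))
```

Because a host can vary its source address on the link, applying the same cap per switch port or per interface is the more robust choice.
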
Mobile IP
  Adding mobility at the network layer

Users are becoming mobile
  World-wide availability of popular wireless communication technologies
  More and more portable wireless devices are also available, and they become really powerful

Mobile IP
  Problems introduced by mobility
    When a mobile node moves to a visited network, how is it possible to reach it again?
    What about current on-going connections? (with TCP, IP addresses partly identify a connection)
  Objectives of Mobile IP
    To make a mobile node reachable when it is in a visited network
    To allow on-going connections to be maintained when the mobile node is moving

Mobile IPv6: basic mechanisms
  [Figure labels: Home network; Home agent; Internet; Visited network; Access point; Correspondent; Sending to H@; Binding Update Message (H@ → CoA)]
  The mobile node's main address is the home address (H@)
  The mobile node obtains an address in the visited network: the care-of address (CoA)

Mobile IPv6: route optimization
  [Figure labels: Home network; Home agent; Internet; Visited network; Access point; Correspondent; Binding Update Message (H@ → CoA); Sending to H@ via CoA]

Mobile IP: maintaining TCP connections
  IPv4: tunneling
    A packet sent by or to the mobile node's home address is encapsulated in another packet sent by or to the CoA
  IPv6: routing header and home address option
    Via the home agent, tunneling is used
    With route optimization, a packet sent to the mobile node's home address is replaced by a packet sent to the CoA which also contains a routing header equal to the H@
    A packet sent by the mobile node always uses the CoA as source address, and it contains a home address option equal to H@

Mobile IP: some conclusions
  Deployment
    Mobile IP has failed to be widely deployed because until recently it suffered from serious security problems: authentication is indeed critical so that a malicious user cannot register a bogus CoA with a home agent
  Usage
    The "always-on" paradigm is not a reality yet
    The need for Mobile IP is not mature enough

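Added example, not part of the original slides: why a home agent must authenticate Binding Updates before changing the H@ → CoA binding. This is a simplified model with a pre-shared key and HMAC-SHA256, not the Mobile IP wire format or its actual security mechanism; all names, addresses and keys are constructed.

```python
import hashlib
import hmac
import ipaddress

def bu_tag(key: bytes, home: str, coa: str, seq: int) -> bytes:
    """MAC over (H@, CoA, sequence number). Simplified message layout."""
    msg = (ipaddress.IPv6Address(home).packed
           + ipaddress.IPv6Address(coa).packed
           + seq.to_bytes(2, "big"))
    return hmac.new(key, msg, hashlib.sha256).digest()

class HomeAgent:
    def __init__(self, keys: dict):
        self.keys = keys      # H@ -> key shared with that mobile node
        self.bindings = {}    # H@ -> (CoA, last accepted sequence number)

    def binding_update(self, home: str, coa: str, seq: int, tag: bytes) -> bool:
        key = self.keys.get(home)
        if key is None:
            return False                  # unknown home address
        if not hmac.compare_digest(tag, bu_tag(key, home, coa, seq)):
            return False                  # forged or altered update
        last = self.bindings.get(home)
        if last is not None and seq <= last[1]:
            return False                  # replay of an older update
        self.bindings[home] = (coa, seq)
        return True

    def tunnel_endpoint(self, home: str) -> str:
        """Where a packet addressed to H@ is tunnelled."""
        return self.bindings[home][0] if home in self.bindings else home

# Constructed addresses from the IPv6 documentation prefix.
HOME, COA, BOGUS = "2001:db8:1::10", "2001:db8:2::10", "2001:db8:bad::1"

def scenario():
    key = b"constructed-demo-key"
    ha = HomeAgent({HOME: key})
    genuine = bu_tag(key, HOME, COA, 1)
    ok = ha.binding_update(HOME, COA, 1, genuine)
    # Bogus CoA with a tag made without the shared key.
    forged = ha.binding_update(HOME, BOGUS, 2, bu_tag(b"wrong-key", HOME, BOGUS, 2))
    # Bogus CoA reusing a tag captured from the genuine update.
    swapped = ha.binding_update(HOME, BOGUS, 2, genuine)
    # Genuine update sent a second time.
    replayed = ha.binding_update(HOME, COA, 1, genuine)
    return ok, forged, swapped, replayed, ha.tunnel_endpoint(HOME)
```

Without the tag check, the second call alone would redirect all traffic for the home address to the bogus care-of address.
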