Download Avoiding NAT66

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
Document related concepts

Dynamic Host Configuration Protocol wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Lag wikipedia , lookup

Distributed firewall wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
IPv6 MHMP
(Multi-Homing with Multi-Prefixes)
- Status Report draft-troan-multihoming-without-nat66-01
IETF79 V6OPS WG
November 2010
presenting for design team
Ole Trøan, [email protected]
IPv6 MHMP
1
Goal
Multiple IPv6 prefixes
IPv6
•
•
Internet
Give host multiple IPv6 prefixes
– Belonging to different networks
Host does “The Right Thing”
1. Source Address Selection
2. Next-Hop Route Selection
3. DNS Server Selection
4. (Identifying Supporting Hosts)
IPv6 MHMP
Corporate
network
Partner
networks
2
Our proposed items and their
discussion results in Maastricht
• IPv6 Multiple NSP architecture
draft-troan-ipv6-multihoming-without-ipv6nat-01 July 26, 2010
O. Troan, D .Wing Cisco Systems, D .Miles Alcatel-lucent,
S .Matsushima SOFTBANK TELECOM, T. Okimoto NTT
continue discussion
in v6ops WG
adopted to WG item
in 6man WG
technical individual solutions (1 to 3)
1.Address selection policy distribution
• draft-ietf-6man-rfc3484-revise-01 Oct 15, 2010
Things To Be Considered for RFC 3484 Revision
A. Matsumoto, J. Kato, T. Fujisaki NTT
• draft-fujisaki-6man-addr-select-opt-00 Jul 8, 2010
Distributing Address Selection Policy using DHCPv6
T. Fujisaki, A. Matsumoto NTT, R. Hiromi Intec Netcore
continue discussion
in 6man WG
2.Route information distribution
draft-dec-dhcpv6-route-option-05 Sep 28, 2010
DHCPv6 Route Option
W. Dec, R. Johnson Cisco Systems, T. Mrugalski Gdansk Univ,
A. Matsumoto NTT
adopted to chartered item
in mif WG
3.DNS selection policy distribution
draft-savolainen-mif-dns-server-selection-04 Sep 17, 2010
Improved DNS Server Selection for Multi-Homed Nodes
T. Savolainen Nokia, J. Kato NTT
IPv6 MHMP
3
In Beijing
• 6man WG on Tuesday
– Address selection policy distribution
draft-fujisaki-6man-addr-select-opt-00 Jul 8, 2010
adopted to WG item (Thank you!)
• mif WG on Thursday
– Route information distribution
draft-dec-dhcpv6-route-option-05 Sep 28, 2010
– DNS selection policy distribution
draft-savolainen-mif-dns-server-selection-04 Sep 17, 2010
New mif charter text including route and DNS issues was already
approved. They will be adopted to WG item.
• Related works:
draft-vandevelde-v6ops-pref-ps-00
draft-hain-ipv6-rpf-icmp-00
draft-wing-v6ops-happy-eyeballs-ipv6-01
IPv6 MHMP
4
Questions?
IPv6 MHMP
IPv6 MHMP
5
Backup/Reminder Materials
Problem: Source Address Selection
• Multiple prefixes on one physical interface
• Wrong ISP
2001:db8:1000::/36
ISP-A
Internet
2001:db8:1000:1::100
2001:db8:8000:1::100
ISP-B
2001:db8:8000::/36
Dropped by ingress filter (RFC2827)
IPv6 MHMP
6
Backup/Reminder Materials
Problem: Source Address Selection
• Multiple prefixes on one physical interface
• Disconnected network
2001:db8:a000::1
2001:db8:1000::/36
Internet
ISP-A
2001:db8:1000:1::100
2001:db8:8000:1::100
ASP-B
2001:db8:8000::/36
IPv6 MHMP
7
Backup/Reminder Materials
Problem: Next-Hop Route Selection
IPv6
Internet
Corporate
network
Partner
network
Provide host with routing information of
Partner network – so that Address
Selection (RFC3484) can choose
correct source address. RFC4191
does that (but there is a problem..)
IPv6 MHMP
8
Backup/Reminder Materials
Problem: DNS Server Selection
• DNS Server Selection
– Public DNS returns empty answer
– Private DNS returns IP address
• Solution: host queries proper DNS server
• long-existing industry practice
Internet
NSP
Query:
cnn.com
(Interne
t)
Query:
myasp.com
IPv6 MHMP
ASP / VPN
(myasp.com)
9
Problem:
Identifying Supporting Hosts
Backup/Reminder Materials
• Supporting Host:
– Chooses proper source address
– Accepts next-hop route information
– Supports DNS server selection
• Network would like to determine:
– If ‘supporting host’, give it two prefixes
– If ‘non-supporting host’, give it one prefix and
NAT66 its traffic
will be described in draft-troan-multihoming-without-nat66-01
IPv6 MHMP
10
Backup/Reminder Materials
Scope of Our Work
Source Address
Selection
Next-Hop Route
DNS Server
Selection
Identify supporting
hosts
Multiple
physical
interfaces
√
RFC3484
√
(RFC4191)
Multiple
prefixes
Revise standard
√
(RFC4191)
new standard
new standard
new standard
new standard
IPv6 MHMP
11
Related documents
homenet_feb2013
homenet_feb2013
Document
Document
Title: ISPs ignore IP timebomb
Title: ISPs ignore IP timebomb
Chapter 9b IPv6 Subnetting
Chapter 9b IPv6 Subnetting
The Road to IPv6
The Road to IPv6
IPv6 Site Renumbering Gap Analysis
IPv6 Site Renumbering Gap Analysis
New Vulnerabilities in IPv6
New Vulnerabilities in IPv6
IPv6
IPv6
Security on IPv6
Security on IPv6
IPv4 to IPv6 Migration strategies
IPv4 to IPv6 Migration strategies
Paper - Internet Research Task Force
Paper - Internet Research Task Force