IPv6 Services for Residential Networks Mark Baugher Erwan Nedellec Mika Saaranen Barbara Stark.

Slides:

Advertisements

Similar presentations

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

Advertisements

Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—7-1 Address Space Management Transitioning to IPv6.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.

Understanding Internet Protocol

RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

IPv6: The Future of the Internet? July 27th, 1999 Auug.

Module 4: Configuring Network Connectivity

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.

Lecture Week 7 Implementing IP Addressing Services.

1 Anycast Address Assignment Using DHCPv6 draft-madanapalli-dhcpv6-anycast-00 Syam Madanapalli Samsung ISO IETF 61 – Washington, DC.

Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Addressing Networking for Home and Small Businesses – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

Network Layer4-1 NAT: Network Address Translation local network (e.g., home network) /24 rest of.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

IPv6 Home Networking Architecture - update IETF homenet WG Interim meeting Philadelphia, 6 th Oct 2011 draft-chown-homenet-arch-00.

Module 8: Designing Network Access Solutions. Module Overview Securing and Controlling Network Access Designing Remote Access Services Designing RADIUS.

IETF-50 UPnP Update Prakash Iyer Intel Corporation

Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.

© 2007 Cisco Systems, Inc. All rights reserved. 1 Network Addressing Networking for Home and Small Businesses – Chapter 5 Darren Shaver – Modified Fall.

IPv6 WORKING GROUP (IPNGWG) March 2001 Minneapolis IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

 An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network.

Network Layer4-1 Chapter 4: Network Layer r 4. 1 Introduction r 4.2 Virtual circuit and datagram networks r 4.3 What’s inside a router r 4.4 IP: Internet.

Draft-chown-v6ops-campus-transition-00 Tim Chown v6ops WG, IETF 60, San Diego, August 2, 2004.

IPv6, the Protocol of the Future, Today Mathew Harris.

Prefix Delegation Protocol Selection T.J. Kniveton MEXT Working Group IETF 70 - December ’07 - Vancouver.

Recommendations of Unique Local Addresses Usages draft-ietf-v6ops-ula-usage-recommendations-02 draft-ietf-v6ops-ula-usage-recommendations-02 Bing Liu(speaker),

Dynamic Virtual Networks (DVNE) Margaret Wasserman & Paddy Nallur November 11, 2010 IETF Beijing, China.

The InetAddress Class Nipat J.. public class InetAddress  This class represents an Internet Protocol (IP) address.  An IP address is either a 32-bit.

Fostering worldwide interoperabilityGeneva, July 2009 Standardization activities on Home Networking in CCSA Duo LIU, Deputy Secretary General of.

IANA Reserved IPv4 Prefix for IPv6 Transition draft-weil-opsawg-provider-address-space-00 IETF 78 July

BCP for ARP/ND Scaling for Large Data Centers

Introduction to IPv6 ECE4110. Problems with IPv4 32-bit addresses give about 4,000,000 addresses IPv4 Addresses WILL run out at some point – Some predicted.

Guidance for Running Multiple IPv6 Prefixes (draft-liu-v6ops-running-multiple-prefixes-02) Bing Liu, Sheng Jiang (Speaker), Yang Bo IETF91

Network Architecture Protection (draft-vandevelde-v6ops-nap-01.txt) Brian Carpenter, Ralph Droms, Tony Hain, Eric L Klein, Gunter Van de Velde.

IPv6 Site-Local Discussion Bob Hinden & Margaret Wasserman IETF 56 San Francisco March 2003.

1 © 2004 Cisco Systems, Inc. All rights reserved. Draft-vandevelde-v6ops-nap-00 Network Architecture Protection (

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 11: Network Address Translation for IPv4 Routing And Switching.

1/28/2010 Network Plus IP Addressing Review. IP Address Classes.

© Cengage Learning 2014 How IP Addresses Get Assigned A MAC address is embedded on a network adapter at a factory IP addresses are assigned manually or.

Requirements For Handover Information Services MIPSHOP – IETF #65 Srinivas Sreemanthula (Ed.)

Deploying IPv6, Now Christian Huitema Architect Windows Networking & Communications Microsoft Corporation.

Analysis and recommendation for the ULA usage draft-liu-v6ops-ula-usage-analysis-00 draft-liu-v6ops-ula-usage-analysis-00 Bing Liu(speaker), Sheng Jiang.

Bjorn Landfeldt, The University of Sydney 1 NETS 3303 IPv6 and migration methods.

Security Threats and Security Requirements for the Access Node Control Protocol (ANCP) IETF 68 - ANCP WG March 18-23, 2007 draft-ietf-ancp-security-threats-00.txt.

1 ForCES Applicability Statement Alan Crouch Mark Handley Hormuzd Khosravi 65 th IETF Meeting, Dallas.

Multicast Considerations for Gateway Initiated Dual-Stack lite (draft-brockners-softwire-mcast-gi-ds-lite-00) Authors: Frank Brockners

Security “Automatic Border Detection” is essential – For service discovery scope – For prefix assignment and routing – For security Default filters (ULAs?)

Standardization activities on Home Networking in CCSA CCSA DOCUMENT #:GSC13-GTSC6-08 FOR:Presentation or Information SOURCE:CCSA AGENDA ITEM:GTSC; 4.3.

1 Welcome to Designing a Microsoft Windows 2000 Network Infrastructure.

1/7 zerouter BoF Problem Statement 19 th Nov th IETF - Atlanta, Georgia, USA

DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris.

Chapter 5. An IP address is simply a series of binary bits (ones and zeros). How many binary bits are used? 32.

IPv6 Security Issues Georgios Koutepas, NTUA IPv6 Technology and Advanced Services Oct.19, 2004.

CCNA4-1 Chapter 7-1 IP Addressing Services Scaling Networks With Network Address Translation (NAT)

1 Update on Candidate Address Selection for Interactive Connectivity Establishment (ICE) draft-keranen-mmusic-ice-address-selection-00 A. Keränen, J. Arkko.

1 Link Scoped IPv6 Multicast Addresses Jung-Soo Park, Myung-Ki Shin ETRI 54th IETF – Yokohama, Japan draft-ietf-ipv6-link-scoped-mcast-01.txt.

Doc.: IEEE /0122r0 Submission January 2012 Dorothy Stanley, Aruba NetworksSlide 1 IEEE IETF Liaison Report Date: Authors:

Design Guidelines for IPv6 Networks draft-matthews-v6ops-design-guidelines Philip Matthews Alcatel-Lucent.

CCNA4-1 Chapter 7-1 NAT Chapter 11 Routing and Switching (CCNA2)

Softwire Security Update

Routing and Switching Essentials v6.0

Chapter 11: Network Address Translation for IPv4

Presentation transcript:

IPv6 Services for Residential Networks Mark Baugher Erwan Nedellec Mika Saaranen Barbara Stark

v6HomeServices IETF '742 Overview Background Problem Space Requirements Solution Space Security Considerations The UPnP™ Forum is considering revisions to IPv6 usage. This talk presents some proposed revisions to the UPnP Device Architecture.

v6HomeServices IETF '743 Background UPnP and the UPnP Forum –Hundreds of millions of UPnP devices are in the marketplace –Most commercial home gateway/routers run UPnP –Multicast service discovery and unicast service description –SOAP-based control protocol and eventing protocol UPnP Security –Well-publicized attacks against UPnP gateway devices –Basic problem: Lack of authorization, authentication Goals of the Draft –Seek comments on use of scoped addressing, address selection –Seek support for best practices for home-network firewall

v6HomeServices IETF '744 Requirements Private network addressability –Routed residential networks May become common, 64-bit MACs, sensor networks Site-local operation needed in addition to link-local scope Outside-in access –Remote access into the residential network Firewall control –To enable outside-in addressability Site-to-site services –Two or more residential networks are statically connected

v6HomeServices IETF '745 Problem Space Routed Private Networks –Link-local scope is likely inadequate for UPnP services –Site-local scope needs to be supported, ULA is needed –Address selection over multiple UDA versions is complex Remote Access –Current solutions use DDNS and UPnP NAT Traversal –Addressing and FW traversal are needed for IPv6 Site-to-Site Access –Addressing model for permanent IPv6 inter-site connections Firewall Traversal –IPv4 NAT traversal is insecure, IPV6 needs to be better

v6HomeServices IETF '746 Solution Space Addressing for Routed Private Networks –ULA needs to be supported in commercial home gateways –Update to RFC 3484 needed for home networks Prioritize address selection: link-local plus site-local, ULA, GUA Addressing for Remote Access –Tunneled IPv6 uses GUA and DDNS Site-to-Site Addressing Uses ULA –Static site-to-site tunneling connecting ULA addresses Firewall Traversal –Industry would benefit from IPv6 firewall best practices –Authenticated, authorized FW traversal as a best practice?

v6HomeServices IETF '747 Security Considerations Home network assets, risks and threats –Assets: gateways, PCs, NAS, firewall, etc. –Risks: reconfiguration of network devices, theft of secrets –Threats: Malware and war drivers Big problem: unauthenticated, programmatic control –Such as management of gateway DNS server names Authentication and authorization best practice

v6HomeServices IETF '748 Summary Update to address selection for home networks Support for ULA needed in home network gateways Need to have practices for home network firewalls –Must consider authorized, authenticated FW traversal Are these appropriate topics for the IETF?

Thank You