NAT Traversal for LISP Mobile Node


NAT Traversal for LISP Mobile Node Dominik Klein, Matthias Hartmann, and Michael Menth

Overview

- Problem: Communication through NAT
- Solution: NAT traversal mechanism
  - Idea
  - Flow charts
- Summary & discussion

Problem: Communication through NAT

- Observation
  - MN roams in domain with private addresses
- Problem
  - MN registers private address as RLOC at mapping service
  - MN reachable only within own domain

Figure labels: MS; Internet; LISP domain; Non-LISP domain; NAT 17.87.7.2; MN EID 1 10.0.0.1; "?"; ITR/ETR RLOC B; SN EID 2

Packets shown in the figure:

Packet 1
  Src EID 2, Dest EID 1, DATA

Packet 2
  OH:   Src RLOC B, Dest 10.0.0.1
  UDP:  Src 11792, Dest 4341
  IH:   Src EID 2, Dest EID 1
  DATA

Solution: NAT Traversal Router

- NAT traversal router (NTR)
  - NTR collocated with map server (MS)
  - MN registers at NTR
  - NTR adds own RLOC for MN in MS
  - Traffic from outside tunneled from NTR to MN through NAT

Figure labels: MS; Internet; Non-LISP domain; MN EID 1 10.0.0.1; NTR RLOC N; Traffic for MN; NAT 17.87.7.2

Registration Process

Figure labels: MS; Internet; Non-LISP domain; MN EID 1 10.0.0.1; NTR RLOC N; NAT 17.87.7.2

Internal IP:Port    External IP:Port    Peer IP:Port
----------------------------------------------------
10.0.0.1:4341       17.87.7.2:20321     RLOC N:4342

EID-to-IP:Port Mapping
----------------------
EID 1    17.87.7.2:20321

EID-to-RLOC Mapping
-------------------
EID 1    RLOC N

Packets shown in the figure:

Packet 1
  OH:   Src 10.0.0.1, Dest RLOC N
  UDP:  Src 4341, Dest 4342
  LISP: REGISTRATION: EID 1 -> 10.0.0.1

Packet 2
  OH:   Src 17.87.7.2, Dest RLOC N
  UDP:  Src 20321, Dest 4342
  LISP: REGISTRATION: EID 1 -> 10.0.0.1

Incoming Traffic

Figure labels: MS; LISP domain; Internet; Non-LISP domain; MN EID 1 10.0.0.1; ITR/ETR RLOC B; NTR RLOC N; SN EID 2; NAT 17.87.7.2

Internal IP:Port    External IP:Port    Peer IP:Port
----------------------------------------------------
10.0.0.1:4341       17.87.7.2:20321     RLOC N:4342

EID-to-IP:Port Mapping
----------------------
EID 1    17.87.7.2:20321

EID-to-RLOC Mapping
-------------------
EID 1    RLOC N

Packets shown in the figure:

Packet 1
  Src EID 2, Dest EID 1, DATA

Packet 2
  OH:   Src RLOC B, Dest RLOC N
  UDP:  Src 30369, Dest 4341
  IH:   Src EID 2, Dest EID 1
  DATA

Packet 3
  OH:   Src RLOC N, Dest 17.87.7.2
  UDP:  Src 4342, Dest 20321
  IH:   Src EID 2, Dest EID 1
  DATA

Packet 4
  OH:   Src RLOC N, Dest 10.0.0.1
  UDP:  Src 4342, Dest 4341
  IH:   Src EID 2, Dest EID 1
  DATA
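The Registration Process and Incoming Traffic slides, replayed as an added example (not code from the presentation or from the authors' implementation). Class and function names are illustrative; reading the first table as the NAT's binding table with peer-dependent filtering, the second as NTR state and the third as MS state is an assumption drawn from the slide layout.

```python
# Added example; Pkt, NAT, NTR and demo are illustrative names, not LISP APIs.
from dataclasses import dataclass

@dataclass
class Pkt:
    src: tuple       # OH source as (address, UDP port)
    dst: tuple       # OH destination as (address, UDP port)
    payload: dict    # LISP registration or the inner (IH) packet

class NAT:
    def __init__(self, public_ip, first_port):
        self.public_ip, self.next_port = public_ip, first_port
        self.bindings = {}   # external (ip, port) -> (internal (ip, port), peer (ip, port))

    def outbound(self, pkt):
        ext = (self.public_ip, self.next_port)   # new binding per flow (no reuse, for brevity)
        self.next_port += 1
        self.bindings[ext] = (pkt.src, pkt.dst)
        return Pkt(ext, pkt.dst, pkt.payload)

    def inbound(self, pkt):
        internal, peer = self.bindings.get(pkt.dst, (None, None))
        if internal is None or peer != pkt.src:
            return None      # assumed filtering: only the registered peer may use the binding
        return Pkt(pkt.src, internal, pkt.payload)

class NTR:
    def __init__(self, rloc, map_server):
        self.rloc, self.ms = rloc, map_server
        self.eid_to_ipport = {}

    def register(self, pkt):
        eid = pkt.payload["eid"]
        # Store the translated source seen on the wire, not the private address in the payload.
        self.eid_to_ipport[eid] = pkt.src
        self.ms[eid] = self.rloc             # MS now answers EID 1 -> RLOC N

    def relay(self, pkt):
        return Pkt((self.rloc, 4342), self.eid_to_ipport[pkt.payload["dst"]], pkt.payload)

def demo():
    ms = {}                                  # EID-to-RLOC mapping held by the MS
    nat, ntr = NAT("17.87.7.2", 20321), NTR("RLOC N", ms)   # values taken from the slides
    reg = Pkt(("10.0.0.1", 4341), ("RLOC N", 4342), {"eid": "EID 1", "rloc": "10.0.0.1"})
    ntr.register(nat.outbound(reg))
    inner = {"src": "EID 2", "dst": "EID 1", "data": "DATA"}
    from_itr = Pkt(("RLOC B", 30369), (ms["EID 1"], 4341), inner)
    delivered = nat.inbound(ntr.relay(from_itr))
    direct = nat.inbound(Pkt(("RLOC B", 30369), ("17.87.7.2", 20321), inner))
    return ms, ntr.eid_to_ipport, delivered, direct
```

The last call in demo() sends from RLOC B straight to the NAT's external port; under the assumed filtering it is dropped, which is why the relay sends from RLOC N port 4342, the peer recorded at registration.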

Outgoing Traffic

- Observation
  - NTR not necessarily required as relay for outgoing traffic
- Example: MN sends traffic to stationary node in other LISP domain using a direct tunnel to destination ETR

Figure labels: LISP domain; Internet; Non-LISP domain; MN EID 1 10.0.0.1; ITR/ETR RLOC B; SN EID 2; NAT 17.87.7.2

Packets shown in the figure:

Packet 1
  OH:   Src 10.0.0.1, Dest RLOC B
  UDP:  Src 11987, Dest 4341
  IH:   Src EID 1, Dest EID 2
  DATA

Packet 2
  OH:   Src 17.87.7.2, Dest RLOC B
  UDP:  Src 11987, Dest 4341
  IH:   Src EID 1, Dest EID 2
  DATA

Packet 3
  Src EID 1, Dest EID 2, DATA

Summary & Discussion

- Mobile nodes not reachable behind NAT
- NAT traversal router (NTR) helps
  - Receives traffic for MN
  - Relays it through the NAT to the MN
- Protocol implementation in OMNeT++
- Discussion
  - Great for MN reachability? -> Standardize it!
  - Security risk? -> How to avoid it?

References

- LISP (http://tools.ietf.org/html/draft-ietf-lisp-05)
- LISP-MN (http://tools.ietf.org/html/draft-meyer-lisp-mn-00)
- LISP-INT (http://tools.ietf.org/html/draft-ietf-lisp-interworking-00)
- Most recent version published on LISP mailing list (http://www.ietf.org/mail-archive/web/lisp/current/msg01964.html)
- LISP-NAT paper (http://www3.informatik.uni-wuerzburg.de/~menth/Publications/papers/Menth10-Sub-2.pdf)
- LISP-NAT draft (http://tools.ietf.org/html/draft-klein-lisp-mn-nat-traversal-00)