IPv4 header: Recycle 16 bits? draft-briscoe-intarea-ipv4-id-reuse-00 Bob Briscoe IETF-80 Mar 2011 This work is partly funded by Trilogy, a research project.

Slides:



Advertisements
Similar presentations
Security Issues In Mobile IP
Advertisements

Tal Mizrahi Marvell IETF Meeting 81, July 2011
CONEX BoF. Welcome to CONEX! Chairs: –Leslie Daigle –Philip Eardley Scribe Note well MORE INFO: -ECN.
Draft-ietf-mptcp-api-01 Michael Scharf, Alan Ford March 31, 2011.
TRILL Header Extension Simplifications Donald Eastlake 3 rd Huawei Technologies 1July 2011.
1 IP - The Internet Protocol Relates to Lab 2. A module on the Internet Protocol.
Ch 20. Internet Protocol (IP) Internetworking PHY and data link layers operate locally.
Chapter 20 Network Layer: Internet Protocol
University of Calgary – CPSC 441.  IP (Internet Protocol) is a Network Layer Protocol.  RFC 791 provides the specification for IP. 2 Network Layer application.
1. Also known as IPng (next generation) Developed to alleviate IPv4 address exhaustion A new version of the Internet Protocol Improve upon IP protocol.
Public IPv4 over Access IPv6 network draft-cui-softwire-host-4over6-06 draft-cui-softwire-dhcp-over-tunnel-01 Y. Cui, J. Wu, P. Wu Tsinghua Univ. C. Metz.
© 2006 The MITRE Corporation. All rights reserved Carrying IPSEC Authentication and ESP Headers Across SCPS-NP Networks Keith Scott.
Guidelines for Adding Congestion Notification to Protocols that Encapsulate IP draft-briscoe-tsvwg-ecn-encap-guidelines-00 Bob Briscoe IETF-80 Mar 2011.
Introduction to IPv6 Presented by: Minal Mishra. Agenda IP Network Addressing IP Network Addressing Classful IP addressing Classful IP addressing Techniques.
IPv4 - The Internet Protocol Version 4
IP Fragmentation. MTU Maximum Transmission Unit (MTU) –Largest IP packet a network will accept –Arriving IP packet may be larger IP Packet MTU.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Lesson 4 The IPv6 Header.
Network Layer Packet Forwarding IS250 Spring 2010
IP Protocol. The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing information and some control information that enables.
1 Internet Networking Spring 2005 Tutorial 2 IP Checksum, Fragmentation.
1 Internet Networking Spring 2004 Tutorial 2 IP Checksum, Fragmentation.
Source Port # (16)Destination Port # (16) Sequence Number (32 bits) Acknowledgement Number (32 bits) Hdr Len (4) Flags (6)Window Size (16) Options (if.
1 Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address Destination Address IPv6 Header.
1 Internet Networking Spring 2002 Tutorial 2 IP Checksum, Fragmentation.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 7 Internet Protocol Version4.
Internet Protocol (IP)
© 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved. © The McGraw-Hill Companies, Inc. IP version 6 Asst. Prof. Chaiporn Jaikaeo,
Dr. John P. Abraham Professor UTPA
ECE 4110 – Internetwork Programming IP Protocol. 2 * From TCP/IP Protocol Suite, B. A. Forouzan, Prentice Hall Position of IP in TCP/IP Protocol Suite.
CS4550 Computer Networks II IP : internet protocol, part 2 : packet formats, routing, routing tables, ICMP read feit chapter 6.
TCP/IP Protocol Suite 1 Chapter 8 Upon completion you will be able to: Internet Protocol Understand the format and fields of a datagram Understand the.
Tunnelling of Explicit Congestion Notification draft-briscoe-tsvwg-ecn-tunnel-03.txt draft-briscoe-tsvwg-ecn-tunnel-03.txt Bob Briscoe, BT IETF-75 saag.
CS 4396 Computer Networks Lab
TCP/IP Protocol Suite 1 Chapter 8 Upon completion you will be able to: Internet Protocol Understand the format and fields of a datagram Understand the.
1 Requirements for Internet Routers (Gateways) and Hosts Relates to Lab 3. (Supplement) Covers the compliance requirements of Internet routers and hosts.
ICMPv6 Error Message Types Informational Message Types.
1 Lecture 13 IPsec Internet Protocol Security CIS CIS 5357 Network Security.
1 Computer Communication & Networks Lecture 19 Network Layer: IP and Address Mapping Waleed Ejaz.
Internet Protocol Version 4 VersionHeader Length Type of Service Total Length IdentificationFragment Offset Time to LiveProtocolHeader Checksum Source.
Destination Option Update IETF/ipngwg 2000/12/14 San Diego.
Authentication Header ● RFC 2402 ● Services – Connectionless integrity – Data origin authentication – Replay protection – As much header authentication.
IPSEC Modes of Operation. Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a.
Network Layer Protocols COMP 3270 Computer Networks Computing Science Thompson Rivers University.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 7 Internet Protocol Version4.
IPv4 IPv4 The Internet Protocol version 4 (IPv4) is the delivery mechanism used by the TCP/IP protocols. Datagram Fragmentation Checksum Options Topics.
20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Preferred Alternatives for Tunnelling HIP (PATH)
Behrouz A. Forouzan TCP/IP Protocol Suite, 3rd Ed.
MPLS-TP Fault Management Draft draft-boutros-mpls-tp-fault-01
The New Internet Protocol
Carrying IPSEC Authentication and ESP Headers Across SCPS-NP Networks
Internet Networking Spring 2002
Internet Protocol Version4
The New Internet Protocol
Internet Protocol (IP)
Internet Protocol Version4
IP - The Internet Protocol
Guide to TCP/IP Fourth Edition
Dr. John P. Abraham Professor UTPA
Dr. John P. Abraham Professor UTRGV, EDINBURG, TX
What does this packet do?
Dr. John P. Abraham Professor UTPA
Net 323 D: Networks Protocols
IP - The Internet Protocol
Internet Protocol (IP)
The New Internet Protocol
IP - The Internet Protocol
NET 323D: Networks Protocols
draft-ietf-bier-ipv6-requirements-01
Presentation transcript:

IPv4 header: Recycle 16 bits? draft-briscoe-intarea-ipv4-id-reuse-00 Bob Briscoe IETF-80 Mar 2011 This work is partly funded by Trilogy, a research project supported by the European Community

2 problem: protocol extensibility new protocols need n bits in IP header (v4 and/or v6) e.g. conex-abstract-mech, nat-reveal-option IPv4&6 extensibility mechanisms unusable in practice any v4 option or v6 hop-by-hop ext hdr punted to slow-path new extensibility design principle* put options where they will be ignored by existing kit kit with option code will know where to look * ack: Rob Hancock

3 find a field ignored by existing kit this draft proposes a new way to extend IPv4 similar ideas could apply to IPv6 Fragmentation Fields that indicate an ‘atomic' Packet “X” = “don’t care” large majority of IPv4 packets are atomic unfragmented and unfragmentable ID field redundant in atomic packets [draft-ietf-intarea-ipv4-id-update] this draft proposes a process to manage re-use of the ID field VersionIHLDiffserv ECN Total Length IdentificationFlagsOffset Time to LiveProtocolHeader Checksum Source Address Destination Address Identification (ID)FlagsOffset X X X X X X X X X

4 re-use ID field in atomic IPv4 packets frees up 16 bits for use by Internet community propose IANA registry for re-using ID field IETF can reassign whole field, subfields or codepoints within subfields within constraints of previous use of ID for reassembly call the ID field “ID-Reuse” when packet is atomic set currently unused ID-Reuse bits to zero example registration: a new 2-bit field called ExA ID-ReuseFlagsOffset ExAX

5 disambiguation how does an ExA implementation know whether this is: a)an atomic packet using codepoint 10 in protocol ExA? b)an atomic packet with arbitrary noise in the ID field? solution: propose to redefine Reserved flag as ‘Recycled’ (RC) flag if atomic AND RC=1, ID field redefined as ID-Reuse consumes last available bit to free up 16b An example ID-Reuse valueFlagsOffset RCRC DFDF MFMF An Example ID-Reuse valueFlagsOffset ExA

6 incremental deployment tradeoff new problem some pre-existing middleboxes (firewalls) discard RC = 1 solution during initial deployment: ExA implementation assumes packet using ExA protocol if (non-ExA ID-Reuse == 0 AND RC==0 AND atomic) (RC==1 AND atomic) in this example, wrong with probability of 1 : 2 (16-2) = 1 : 2 14 protocol must not risk being wrong unless it does no harm An Example ID-Reuse valueFlagsOffset X X

7 constraints on re-using IPv4 ID only in atomic packets IPsec authentication header interaction ID immutable at least between IPsec endpoints Tunnel encapsulation cannot rely on DF propagating to outer cannot rely on ID field being copied to outer

8 conclusions consume last available bit to free up 16 in IPv4 with non-trivial constraints principled incremental deployment and a hack with a tradeoff and an added constraint discussion too constrained for those who want more bits? is this the most useful use of the Reserved flag? middlebox traversal new protocol recognition RC=0certainuncertain RC=1uncertaincertain

IPv4 header: Recycle 16 bits? draft-briscoe-intarea-ipv4-id-reuse-00 Q&A