Presentation is loading. Please wait.

Presentation is loading. Please wait.

IPv6 Services for Residential Networks Mark Baugher Erwan Nedellec Mika Saaranen Barbara Stark.

Published byMarion Griffin Modified over 9 years ago

Similar presentations

Presentation on theme: "IPv6 Services for Residential Networks Mark Baugher Erwan Nedellec Mika Saaranen Barbara Stark."— Presentation transcript:

1 IPv6 Services for Residential Networks Mark Baugher Erwan Nedellec Mika Saaranen Barbara Stark

2 v6HomeServices IETF '742 Overview Background Problem Space Requirements Solution Space Security Considerations The UPnP™ Forum is considering revisions to IPv6 usage. This talk presents some proposed revisions to the UPnP Device Architecture.

3 v6HomeServices IETF '743 Background UPnP and the UPnP Forum –Hundreds of millions of UPnP devices are in the marketplace –Most commercial home gateway/routers run UPnP –Multicast service discovery and unicast service description –SOAP-based control protocol and eventing protocol UPnP Security –Well-publicized attacks against UPnP gateway devices –Basic problem: Lack of authorization, authentication Goals of the Draft –Seek comments on use of scoped addressing, address selection –Seek support for best practices for home-network firewall

4 v6HomeServices IETF '744 Requirements Private network addressability –Routed residential networks May become common, 64-bit MACs, sensor networks Site-local operation needed in addition to link-local scope Outside-in access –Remote access into the residential network Firewall control –To enable outside-in addressability Site-to-site services –Two or more residential networks are statically connected

5 v6HomeServices IETF '745 Problem Space Routed Private Networks –Link-local scope is likely inadequate for UPnP services –Site-local scope needs to be supported, ULA is needed –Address selection over multiple UDA versions is complex Remote Access –Current solutions use DDNS and UPnP NAT Traversal –Addressing and FW traversal are needed for IPv6 Site-to-Site Access –Addressing model for permanent IPv6 inter-site connections Firewall Traversal –IPv4 NAT traversal is insecure, IPV6 needs to be better

6 v6HomeServices IETF '746 Solution Space Addressing for Routed Private Networks –ULA needs to be supported in commercial home gateways –Update to RFC 3484 needed for home networks Prioritize address selection: link-local plus site-local, ULA, GUA Addressing for Remote Access –Tunneled IPv6 uses GUA and DDNS Site-to-Site Addressing Uses ULA –Static site-to-site tunneling connecting ULA addresses Firewall Traversal –Industry would benefit from IPv6 firewall best practices –Authenticated, authorized FW traversal as a best practice?

7 v6HomeServices IETF '747 Security Considerations Home network assets, risks and threats –Assets: gateways, PCs, NAS, firewall, etc. –Risks: reconfiguration of network devices, theft of secrets –Threats: Malware and war drivers Big problem: unauthenticated, programmatic control –Such as management of gateway DNS server names Authentication and authorization best practice

8 v6HomeServices IETF '748 Summary Update to address selection for home networks Support for ULA needed in home network gateways Need to have practices for home network firewalls –Must consider authorized, authenticated FW traversal Are these appropriate topics for the IETF?

9 Thank You

Download ppt "IPv6 Services for Residential Networks Mark Baugher Erwan Nedellec Mika Saaranen Barbara Stark."

Similar presentations

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.
Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—7-1 Address Space Management Transitioning to IPv6.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—7-1 Address Space Management Transitioning to IPv6.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.
Understanding Internet Protocol

Understanding Internet Protocol
RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-

RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-
H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.
IPv6: The Future of the Internet? July 27th, 1999 Auug.

IPv6: The Future of the Internet? July 27th, 1999 Auug.
Module 4: Configuring Network Connectivity

Module 4: Configuring Network Connectivity
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Lecture Week 7 Implementing IP Addressing Services.

Lecture Week 7 Implementing IP Addressing Services.
1 Anycast Address Assignment Using DHCPv6 draft-madanapalli-dhcpv6-anycast-00 Syam Madanapalli Samsung ISO IETF 61 – Washington, DC.

1 Anycast Address Assignment Using DHCPv6 draft-madanapalli-dhcpv6-anycast-00 Syam Madanapalli Samsung ISO IETF 61 – Washington, DC.
Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.

Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Addressing Networking for Home and Small Businesses – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Addressing Networking for Home and Small Businesses – Chapter.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

Similar presentations

Ads by Google