Download presentation
Presentation is loading. Please wait.
Published byNeil Neal Modified over 8 years ago
1
Routing Loop Attack Using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations (RFC 6324) Po-Kang Chen Oct 19, 2011 1
2
Introduction Internet Protocol Version 6 (IPv6) – Because of the IPv4 exhaustion Transition Mechanisms – Dual Stack – Tunneling – Translator Transition Mechanisms Dual Stack TunnelingTranslator 2
3
Introduction (cont.) Tunneling mechanism 3 IPv6 Header Transport Layer Header Data IPv6 Header Transport Layer Header Data IPv4 Header Encapsulating IPv6 in IPv4
4
Introduction (cont.) Protocol-41 (RFC 4213) – ISATAP – 6to4 – 6RD 4
5
Routing Loop Attack Denial of Service Attack (DoS - RFC 4732) How can it occur? – Misconfiguration – Malicious attack 5
6
Routing Loop Attack (cont.) IPv6IPv4 Router 1 Router 2 src = Prf1 + IP2 dst = Prf2 + IP1 IPv6 src = Prf1 + IP2 dst = Prf2 + IP1 IPv6 src = IP2 dst = IP1 IPv4 src = Prf1 + IP2 dst = Prf2 + IP1 IPv6 6
7
Routing Loop Attack (cont.) Mitigations – Verification of Endpoint Existence – Operational Measures – Destination and Source Address Checks Security Issue – The mitigation checks do not introduce new security threats. 7
8
Reference RFC 4213 RFC 4732 8
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.