Presentation is loading. Please wait.

Presentation is loading. Please wait.

Preferred Alternatives for Tunnelling HIP (PATH)

Published byFlorence Sharp Modified over 6 years ago

Similar presentations

Presentation on theme: "Preferred Alternatives for Tunnelling HIP (PATH)"— Presentation transcript:

1 Preferred Alternatives for Tunnelling HIP (PATH)
<draft-nikander-hip-path-01.txt> P. Nikander, H. Tschofenig, X. Fu, T. Henderson

2 Idea Allow HIP to traverse LEGACY NA(P)Ts by reusing EXISTING mechanisms Goal: To allow HIP protocol exchanges between two HIP endpoints to traverse NATs Mainly for standard ESP-mode encapsulation How: Use UDP encapsulation for HIP signaling and data messages Introduce a new (S-)UDP-REA parameter in HIP signaling messages To support the case where DS/DR we use the RVS functionality (as well as HIP endpoints) to support this extension Such extended RVS servers  also called “PATH” servers HIP endpoints accessing this info  “PATH” clients

3 The UDP-REA parameter UDP-REA: UDP encapsulated REAdress Idea: Used in
To detect existence of NA(P)Ts Mainly, consists of “lifetime + Hashed value” Hash = PRF(RANDOM | Source IP | Destination IP | Source Port | Destination Port) Used in R1-I2 signaling messages in HIP base exchanges RVS/PATH registrations relayed HIP base exchange thru RVS/PATH server UPDATE messages in RVS/PATH registration HIP base UPDATE messages

4 The S-UDP-REA Parameter
S-UDP-REA: “Secure” UDP-REAdress Idea: Reuse other (external) mechanism to discover the NA(P)T address External mechanism can be STUN, TURN, MIDCOM, or NSIS NATFW NSLP Then integrity-protected UDP-REA parameter can be included in the HIP I1-R2 signaling messages This also allows HIP traversal of certain firewalls

5 Next Steps ?

6 Questions?

Download ppt "Preferred Alternatives for Tunnelling HIP (PATH)"

Similar presentations

Applicability Statement of NSIS Protocols in Mobile Environments draft-ietf-nsis-applicability-mobility-signaling-12.txt Takako Sanda, Xiaoming Fu, Seong-Ho.

Applicability Statement of NSIS Protocols in Mobile Environments draft-ietf-nsis-applicability-mobility-signaling-12.txt Takako Sanda, Xiaoming Fu, Seong-Ho.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
IPSec.

IPSec.
RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-

RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
SIP Traversal over NAT Problems and Solutions Mr. Ting-Yun Chi May 2,2006 (Taiwan,NICI IPv6 R&D Division)

SIP Traversal over NAT Problems and Solutions Mr. Ting-Yun Chi May 2,2006 (Taiwan,NICI IPv6 R&D Division)
Copyright 2005 – 2009 © by Elliot Eichen. All rights reserved. NAT (NAPT/PAT), STUN, and ICE `Structure of ice II, viewed along the hexagonal c-axis. Hydrogen.

Copyright 2005 – 2009 © by Elliot Eichen. All rights reserved. NAT (NAPT/PAT), STUN, and ICE `Structure of ice II, viewed along the hexagonal c-axis. Hydrogen.
STUN Tutorial Jonathan Rosenberg Chief Technology Officer.

STUN Tutorial Jonathan Rosenberg Chief Technology Officer.
Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.

Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: email – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.

IP SECURITY – Chapter 16 IP SECURITY – Chapter 16 Security Mechanisms: – S/MIME, PGP client/server - Kerberos web access - Secure Sockets Layer network.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.

Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.
1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.

1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP.

SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP.
Mobile IP Polytechnic University Anthony Scalera Heine Nzumafo Duminda Wickramasinghe Edited by: Malathi Veeraraghavan 12/05/01.

Mobile IP Polytechnic University Anthony Scalera Heine Nzumafo Duminda Wickramasinghe Edited by: Malathi Veeraraghavan 12/05/01.
Host Identity Protocol

Host Identity Protocol
Polycom Conference Firewall Solutions. 2 The use of Video Conferencing Is Rapidly Growing More and More people are adopting IP conferencing Audio and.

Polycom Conference Firewall Solutions. 2 The use of Video Conferencing Is Rapidly Growing More and More people are adopting IP conferencing Audio and.
Mobile IP Traversal Of NAT Devices By, Vivek Nemarugommula.

Mobile IP Traversal Of NAT Devices By, Vivek Nemarugommula.

Similar presentations

Ads by Google