Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lauri Virtanen Supervisor: Professor Raimo Kantola Instructor: Lic.Sc.(Tech.) Nicklas Beijar Faculty of Electronics, Communications and Automation Department.

Published byMollie Garrant Modified over 9 years ago

Similar presentations

Presentation on theme: "Lauri Virtanen Supervisor: Professor Raimo Kantola Instructor: Lic.Sc.(Tech.) Nicklas Beijar Faculty of Electronics, Communications and Automation Department."— Presentation transcript:

1 Lauri Virtanen Supervisor: Professor Raimo Kantola Instructor: Lic.Sc.(Tech.) Nicklas Beijar Faculty of Electronics, Communications and Automation Department of Communications and Networking October 29th, 2009

2 Agenda Backround & Objectives Network Address Translation (NAT) Domain Name System (DNS) Customer Edge Switching (CES) Concept CES Prototype Evaluation Conclusions

3 Backround & Objectives The growing of Internet has generated problems The run out of IPv4 addresses Weak deployment of IPv6 addressing Oversizing routing tables Reachability problem A new architecture model needed to solve the current problems

4 Network Address Translation (NAT) An edge device that relays packets Changes address and port information from outgoing and incoming packets Traffic originates from inside to outside direction Inbound connection not possible -> reachability problem

5 Domain Name System (DNS) Main use is solving domain names to IP addresses In DNS, data is stored in resource records (RR) E.g. A-type RR: domain_name _Host_A IPv4_address_Host_A

6 Customer Edge Switching (CES) Concept CES is a model for the future Internet Idea to solve the reachability problem Idea to prevent IPv4 addresses from extinction by using them privately Removes the need for IPv6 and also increases security CES is aimed to be implemented with as little modification as necessary in the existing equipments Modifications allowed in DNS and NAT, hosts remain the same Aims at dividing the ownership of network into reasonable pieces: Trust domains (corporate networks, operator networks)

7 CES architecture : Routing independent in every Trust domain Network elements: host, CES, PE, DNS Identities are known only in its respective private network E.g. Identity of Host X is kept in its home CES device (CES X) and also in the DNS

8 CES Network Elements Explained Host: Basic IPv4 stacked CES: NAT extension containing its features: mappings and tables Contains information of all the registered hosts (HRL) Address pool of IPv4 addresses Hash calculating algorithm DNS: Needs a new resource record (RR) type: domain_name_Host_X = Address_CES_X + hash_Host_X E.g. host_x.foobar = MAC_CES_X + 1234

9 CES Prototype The implemented prototype differs slightly from CES concept No PE devices Prototype built on virtual PCs running Linux/Debian Programming done with Python DNS executed with DNSPython toolkit Packet generating, sending and receiving done with Scapy

10 Network Diagram: 2 Hosts, 2 CES devices and DNS IP routing (layer 3) in customer networks Ethernet (layer 2) based routing in public network

11

12 Evaluation CES can be implemented with only a few modifications in the existing infrastructure Only NAT and DNS need modifications Hosts are still IPv4 stacked computers CES works with most of the common protocols According to testing, CES works with TCP, UDP, ICMP, HTTP and SSH Still lacks compatibility with FTP and SIP

13 Test Results Program in Host AProgram in Host B Protocols tested Working Ping clientPing serverICMPYES Telnet clientTelnet serverTCPYES Lynx web browserAbyss web serverHTTPYES Iceweasel web browser Abyss web serverHTTPYES SSH clientSSH serverSSHYES FTP clientPure-FTPd (server)FTPNo Twinkle (client) SIPNo FTP and SIP fail as private addresses are placed in payload fields FTP and SIP does not work with two NATs (or CESs) Packet modification in CES could solve this

14 Conclusions The prototype proves the functioning of CES concept CES solves the reachability problem CES reuses IPv4 addresses effectively CES excludes the need for IPv6 addresses CES enhances security No modification needed in end-hosts

15 Future Research Connecting CES prototype to other networks Modification of CES prototype Designing and choosing algorithms for calculating IDs

16 Thank You!

Download ppt "Lauri Virtanen Supervisor: Professor Raimo Kantola Instructor: Lic.Sc.(Tech.) Nicklas Beijar Faculty of Electronics, Communications and Automation Department."

Similar presentations

CST 415 - Computer Networks NAT CST 415 4/10/2017 CST 415 - Computer Networks.

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.
NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
IPv6 – IPv4 Network Address, Port & Protocol Translation & Multithreaded DNS Gateway Navpreet Singh, Abhinav Singh, Udit Gupta, Vinay Bajpai, Toshu Malhotra.

IPv6 – IPv4 Network Address, Port & Protocol Translation & Multithreaded DNS Gateway Navpreet Singh, Abhinav Singh, Udit Gupta, Vinay Bajpai, Toshu Malhotra.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
IPv4+4 Address extension with NATs Zoltán Turányi András Valkó Andrew Campbell (Rita)

IPv4+4 Address extension with NATs Zoltán Turányi András Valkó Andrew Campbell (Rita)
Understanding Internet Protocol

Understanding Internet Protocol
IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.

IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.
Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.

Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.
1 Internet Networking Spring 2004 Tutorial 13 LSNAT - Load Sharing NAT (RFC 2391)

1 Internet Networking Spring 2004 Tutorial 13 LSNAT - Load Sharing NAT (RFC 2391)
NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.
Chapter 5 The Network Layer.

Chapter 5 The Network Layer.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.

CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.
COS 420 Day 20. Agenda Group Project Discussion Protocol Definition Due April 12 Paperwork Due April 29 Assignment 3 Due Assignment 4 is posted Last Assignment.

COS 420 Day 20. Agenda Group Project Discussion Protocol Definition Due April 12 Paperwork Due April 29 Assignment 3 Due Assignment 4 is posted Last Assignment.
1 Computer System Evolution Central Data Processing System: - with directly attached peripherals (card reader, magnetic tapes, line printer). Local Area.

1 Computer System Evolution Central Data Processing System: - with directly attached peripherals (card reader, magnetic tapes, line printer). Local Area.
Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.

Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.
Subnetting.

Subnetting.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

Similar presentations

Ads by Google