Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lightweight 4over6 + SD-nat (aka stateless DS-Lite) = Lightweight DS-Lite (twice as light!) Alain Durand (Juniper) Ian Farrer (DT) (Softwire item, presented.

Published byKimberly Blair Modified over 9 years ago

Similar presentations

Presentation on theme: "Lightweight 4over6 + SD-nat (aka stateless DS-Lite) = Lightweight DS-Lite (twice as light!) Alain Durand (Juniper) Ian Farrer (DT) (Softwire item, presented."— Presentation transcript:

1 Lightweight 4over6 + SD-nat (aka stateless DS-Lite) = Lightweight DS-Lite (twice as light!) Alain Durand (Juniper) Ian Farrer (DT) (Softwire item, presented here for feedback)

2 Motivations Simple extension to DS-Lite to push NAT function to CPE Eliminate per-flow state on AFTR Eliminate per-flow logs on AFTR Hub & Spoke model: No mathematical IPv4 and IPv6 address coupling

3 Technical Matrix Address Binding Address Binding Algorithmic Mapping Algorithmic Mapping CGN Port Management CGN Port Management Addr/Port Set Provisioning Addr/Port Set Provisioning DS-Lite Public 4over6 Lightweight DS-Lite MAP-E,MAP-T, 4rd-u, etc. Per-subscriber stateful Per-flow stateful Stateless

4 Benefits of allocating independently IPv6 and IPv4 address IPv6 addresses do not have to be allocated sequentially. Easily define and change IPv4 customer profiles (number of ports). IPv4 resources can be re-allocated freely.

5 Not Tying IPv6 address to IPv4 address plus port range In general, removing the mathematical restriction allows the operator to deliver the service he wants to offer, in the way he wants to offer them. The price to pay is to provision and manage resources at a finer granularity. Introduce per-subscriber state on tunnel concentrator (AFTR) – No per flow state!

6 CPE (no NAT) CPE (no NAT) IPv4 Classic DS-Lite Architecture DHCPv6 PE DHCPv6 configures: - CPE IPv6 address - CPE IPv6 delegated prefix - DNS resolver - AFTR IPv6 address DHCPv6 configures: - CPE IPv6 address - CPE IPv6 delegated prefix - DNS resolver - AFTR IPv6 address AFTR Per-flow mapping table DS-Lite CPE implements: -B4 element DS-Lite CPE implements: -B4 element AFTR

7 CPE (NAT) CPE (NAT) IPv4 Lightweight DS-Lite ICMP Architecture DHCPv6DHCPv4 PE ICMPv4 “Port Restricted” over IPv6 tunnel DHCPv4 (over IPv6) configures CPE B4 IPv4 address DHCPv4 (over IPv6) configures CPE B4 IPv4 address DHCPv6 configures: - CPE IPv6 address - CPE IPv6 delegated prefix - DNS resolver - AFTR IPv6 address - IPv6 address of DHCPv4 server DHCPv6 configures: - CPE IPv6 address - CPE IPv6 delegated prefix - DNS resolver - AFTR IPv6 address - IPv6 address of DHCPv4 server IPv6IPv4Port Range 2001:db8::1192.1.2.31000-1999 2001:db8::2192.1.2.32000-2999 AFTR Per-subscriber mapping table Lightweight DS-Lite CPE implements: - DHCPv4 Client Relay Agent (over IPv6) to configure B4 element IPv4 address - ICMP “Port Restricted” to configure its NAT port range Lightweight DS-Lite CPE implements: - DHCPv4 Client Relay Agent (over IPv6) to configure B4 element IPv4 address - ICMP “Port Restricted” to configure its NAT port range AFTR

8 ICMP port restricted message as proposed method to communicate port restricted range Under discussion in Softwire – AFTR must notify the CPE when port is out of assigned range – Need a new ICMP message type for that – Just use it to carry correct port range information! – Precedent to use ICMP to carry information to host: pMTUd: ICMP packet too big

9 IPv4 ICMP Packet Format +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Min Port | Max Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | ~ Original Internet Headers + 64 bits of Payload ~ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

10 Security Considerations Require ingress filtering on IPv6 access network (MaxPort – MinPort) MUST be >= 64 IPv6 SRC MUST be AFTR’s IPv6 address – As configured on CPE (learned from DHCPv6) IPv4 SRC MUST be 192.0.0.1 – AFTR well known address

Download ppt "Lightweight 4over6 + SD-nat (aka stateless DS-Lite) = Lightweight DS-Lite (twice as light!) Alain Durand (Juniper) Ian Farrer (DT) (Softwire item, presented."

Similar presentations

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,
Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.

Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.
Anastasios Chatzithomaoglou IP Engineering – Forthnet 17-10-2013.

Anastasios Chatzithomaoglou IP Engineering – Forthnet
IPv6 Keith Wichman. History Based on IPv4 Based on IPv4 Development initiated in 1994 Development initiated in 1994.

IPv6 Keith Wichman. History Based on IPv4 Based on IPv4 Development initiated in 1994 Development initiated in 1994.
TCP/IP Protocol Suite 1 Chapter 27 Upon completion you will be able to: Next Generation: IPv6 and ICMPv6 Understand the shortcomings of IPv4 Know the IPv6.

TCP/IP Protocol Suite 1 Chapter 27 Upon completion you will be able to: Next Generation: IPv6 and ICMPv6 Understand the shortcomings of IPv4 Know the IPv6.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
TCOM 509 – Internet Protocols (TCP/IP) Lecture 06_b Subnetting,Supernetting, CIDR IPv6 Instructor: Dr. Li-Chuan Chen Date: 10/06/2003 Based in part upon.

TCOM 509 – Internet Protocols (TCP/IP) Lecture 06_b Subnetting,Supernetting, CIDR IPv6 Instructor: Dr. Li-Chuan Chen Date: 10/06/2003 Based in part upon.
IPv6 – IPv4 Network Address, Port & Protocol Translation & Multithreaded DNS Gateway Navpreet Singh, Abhinav Singh, Udit Gupta, Vinay Bajpai, Toshu Malhotra.

IPv6 – IPv4 Network Address, Port & Protocol Translation & Multithreaded DNS Gateway Navpreet Singh, Abhinav Singh, Udit Gupta, Vinay Bajpai, Toshu Malhotra.
20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Implementing IPv6 Module B 8: Implementing IPv6

Implementing IPv6 Module B 8: Implementing IPv6
17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.

17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.
CS 457 – Lecture 16 Global Internet - BGP Spring 2012.

CS 457 – Lecture 16 Global Internet - BGP Spring 2012.
Network Layer IPv6 Slides were original prepared by Dr. Tatsuya Suda.

Network Layer IPv6 Slides were original prepared by Dr. Tatsuya Suda.
For IPv4 Provisioning in IPv6 Network 1 Yong Cui, Jianping Wu, Peng Wu. Tsinghua Univ. (CERNET) Chris Metz. Cisco Systems Olivier Vautrin, Alain Durand.

For IPv4 Provisioning in IPv6 Network 1 Yong Cui, Jianping Wu, Peng Wu. Tsinghua Univ. (CERNET) Chris Metz. Cisco Systems Olivier Vautrin, Alain Durand.
Draft-tsou-bfd-ds-lite-02 Tina Tsou. Problem to solve – There is no status information of DS-Lite tunnel, e.g. tunnel up or down, which brings difficulties.

Draft-tsou-bfd-ds-lite-02 Tina Tsou. Problem to solve – There is no status information of DS-Lite tunnel, e.g. tunnel up or down, which brings difficulties.
ISP SP Network Egress Points Ingress Point Protocol-Specific Egress Decision IP Header Payload Transit Header IP Header Payload IP Header Payload.

ISP SP Network Egress Points Ingress Point Protocol-Specific Egress Decision IP Header Payload Transit Header IP Header Payload IP Header Payload.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.
Stateless Deterministic NAT (SD-NAT) draft-penno-softwire-sdnat-01 Reinaldo Penno Olivier Vautrin

Stateless Deterministic NAT (SD-NAT) draft-penno-softwire-sdnat-01 Reinaldo Penno Olivier Vautrin
Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.

Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.

Similar presentations

Ads by Google