2,227 research outputs found
Description and Experience of the Clinical Testbeds
This deliverable describes the up-to-date technical environment at three clinical testbed demonstrator sites of
the 6WINIT Project, including the adapted clinical applications, project components and network transition technologies
in use at these sites after 18 months of the Project. It also provides an interim description of early experiences with
deployment and usage of these applications, components and technologies, and their clinical service impact
Ipv6 Migration Framework For Government Agencies In Malaysia
Malaysia adalah sebahagian daripada negara-negara dunia yang berusaha untuk berhijrah ke
protokol Internet Versi 6 (lPv6)
Malaysia is involved in the worldwide effort to migrate to IPv6 due to the giobal IPv4 address
depletion and other IPv4 limitations as well as to derive IPv6 benefits
A practical approach to network-based processing
The usage of general-purpose processors externally attached to routers to play virtually the role of active coprocessors seems a safe and cost-effective approach to add active network capabilities to existing routers. This paper reviews this router-assistant way of making active nodes, addresses the benefits and limitations of this technique, and describes a new platform based on it using an enhanced commercial router. The features new to this type of architecture are transparency, IPv4 and IPv6 support, and full control over layer 3 and above. A practical experience with two applications for path characterization and a transport gateway managing multi-QoS is described.Most of this work has been funded by the IST project GCAP (Global Communication Architecture and Protocols for new QoS services over IPv6 networks) IST-1999-10 504. Further development and application to practical scenarios is being supported by IST project Opium (Open Platform for Integration of UMTS Middleware) IST-2001-36063 and the Spanish MCYT under projects TEL99-0988-C02-01 and AURAS TIC2001-1650-C02-01.Publicad
A Multi-perspective Analysis of Carrier-Grade NAT Deployment
As ISPs face IPv4 address scarcity they increasingly turn to network address
translation (NAT) to accommodate the address needs of their customers.
Recently, ISPs have moved beyond employing NATs only directly at individual
customers and instead begun deploying Carrier-Grade NATs (CGNs) to apply
address translation to many independent and disparate endpoints spanning
physical locations, a phenomenon that so far has received little in the way of
empirical assessment. In this work we present a broad and systematic study of
the deployment and behavior of these middleboxes. We develop a methodology to
detect the existence of hosts behind CGNs by extracting non-routable IP
addresses from peer lists we obtain by crawling the BitTorrent DHT. We
complement this approach with improvements to our Netalyzr troubleshooting
service, enabling us to determine a range of indicators of CGN presence as well
as detailed insights into key properties of CGNs. Combining the two data
sources we illustrate the scope of CGN deployment on today's Internet, and
report on characteristics of commonly deployed CGNs and their effect on end
users
Arbitrary Packet Matching in OpenFlow
OpenFlow has emerged as the de facto control
protocol to implement Software-Defined Networking (SDN). In
its current form, the protocol specifies a set of fields on which
it matches packets to perform actions, such as forwarding,
discarding or modifying specific protocol header fields at a switch.
The number of match fields has increased with every version of
the protocol to extend matching capabilities, however, it is still
not flexible enough to match on arbitrary packet fields which
limits innovation and new protocol development with OpenFlow.
In this paper, we argue that a fully flexible match structure
is superior to continuously extending the number of fields
to match upon. We use Berkeley Packet Filters (BPF) for
packet classification to provide a protocol-independent, flexible
alternative to today’s OpenFlow fixed match fields. We have
implemented a prototype system and evaluated the performance
of the proposed match scheme, with a focus on the time it takes
to execute and the memory required to store different match
filter specifications. Our prototype implementation demonstrates
that line-rate arbitrary packet classification can be achieved with
complex BPF programs
A Framework for Rapid Development and Portable Execution of Packet-Handling Applications
This paper presents a framework that enables the execution of packet-handling applications (such as sniffers, firewalls, intrusion detectors, etc.) on different hardware platforms. This framework is centered on the NetVM - a novel, portable, and efficient virtual processor targeted for packet-based processing - and the NetPDL - a language dissociating applications from protocol specifications. In addition, a high-level programming language that enables rapid development of packet-based applications is presented
Analysis of security impact of making mShield an IPv4 to IPv6 converter box
info:eu-repo/semantics/acceptedVersio
- …