341 research outputs found
BGP-like TE Capabilities for SHIM6
In this paper we present a comprehensive set of mechanisms that restore to the site administrator the capacity of enforcing traffic engineering (TE) policies in a multiaddressed IPv6 scenario. The mechanisms rely on the ability of SHIM6 to securely perform locator changes in a transparent fashion to transport and application layers. Once an outgoing path has been selected for a communication by proper routing configuration in the site, the source prefix of SHIM6 data packets is rewritten by the site routers to avoid packet discarding due to ingress filtering. The SHIM6 locator preferences exchanged in the context establishment phase are modified by the site routers to influence in the path used for receiving traffic. Scalable deployment is ensured by the stateless nature of these mechanisms.Publicad
A QoS-Driven ISP Selection Mechanism for IPv6 Multi-homed Sites
A global solution for the provision of QoS in IPng sites must include ISP selection based on per-application requirements. In this article we present a new site-local architecture for QoS-driven ISP selection in multi-homed domains, performed in a per application basis. This architecture proposes the novel use of existent network services, a new type of routing header, and the modification of address selection mechanisms to take into account QoS requirements. This proposal is an evolution of current technology, and therefore precludes the addition of new protocols, enabling fast deployment. The sitelocal scope of the proposed solution results in ISP transparency and thus in ISP independency.This research was supported by the LONG (Laboratories Over the Next Generation Networks) project IST-1999-20393.Publicad
Design and Experimental Evaluation of a Route Optimisation Solution for NEMO
An important requirement for Internet protocol (IP)
networks to achieve the aim of ubiquitous connectivity is network
mobility (NEMO). With NEMO support we can provide Internet
access from mobile platforms, such as public transportation vehicles,
to normal nodes that do not need to implement any special
mobility protocol. The NEMO basic support protocol has been
proposed in the IETF as a first solution to this problem, but this
solution has severe performance limitations. This paper presents
MIRON: Mobile IPv6 route optimization for NEMO, an approach
to the problem of NEMO support that overcomes the limitations
of the basic solution by combining two different modes of operation:
a Proxy-MR and an address delegation with built-in routing
mechanisms. This paper describes the design and rationale of the
solution, with an experimental validation and performance evaluation
based on an implementation.Publicad
Addressless: A New Internet Server Model to Prevent Network Scanning
Eliminating unnecessary exposure is a principle of server security. The huge
IPv6 address space enhances security by making scanning infeasible, however,
with recent advances of IPv6 scanning technologies, network scanning is again
threatening server security. In this paper, we propose a new model named
addressless server, which separates the server into an entrance module and a
main service module, and assigns an IPv6 prefix instead of an IPv6 address to
the main service module. The entrance module generates a legitimate IPv6
address under this prefix by encrypting the client address, so that the client
can access the main server on a destination address that is different in each
connection. In this way, the model provides isolation to the main server,
prevents network scanning, and minimizes exposure. Moreover it provides a novel
framework that supports flexible load balancing, high-availability, and other
desirable features. The model is simple and does not require any modification
to the client or the network. We implement a prototype and experiments show
that our model can prevent the main server from being scanned at a slight
performance cost
Crypton: CRYptographic Prefixes for Route Optimization in NEMO
Proceedings of: 2010 IEEE International Conference on Communications (ICC 2010), 23-27 May, 2010, Cape Town, South AfricaThe aviation community is in the process of designing the next generation Aeronautical Telecommunications
Network (ATN), based on Internet standards, to provide airground
communications for the aircraft. Support for mobile
networks in the current Internet architecture is provided by
the NEtwork Mobility (NEMO) protocol. As currently defined,
NEMO Basic Support protocol lacks of Route Optimization
support which is an essential requirement for its adoption as
part of the next generation ATN. This paper presents a novel
security tool, the Crypto Prefixes, and their application to the
Route Optimization in Nemo (CRYPTRON). The Crypto Prefixes
are IPv6 prefixes with embedded cryptographic information that
enable the Mobile Network Prefix proof-of ownership without
any centralized trust infrastructure. In CRYPTRON, the Crypto
Prefixes are used to protect the establishment of the bindings on
the Correspondent Nodes for the whole Mobile Network PrefixEuropean Community's Seventh Framework ProgramPublicad
IPv6 Network Address Translation
Tato práce se zabĂ˝vá pĹ™ekladem sĂĹĄovĂ˝ch adres InternetovĂ©ho protokolu verze 6. CĂlem práce je vyuĹľĂt pĹ™eklad pĹ™i automatickĂ© konfiguraci koncovĂ˝ch zaĹ™ĂzenĂ. V práci jsou diskutovány stávajĂcĂ mechanismy urÄŤenĂ© k dynamickĂ© konfiguraci zaĹ™ĂzenĂ, a jejich vĂ˝hody a nevĂ˝hody. Je zde navrĹľen a implementován systĂ©m pro pĹ™ipojenĂ domácĂ poÄŤĂtaÄŤovĂ© sĂtÄ› k sĂti Internet, kombinujĂcĂ technologie Network Prefix Translation a Neighbor Discovery Proxy.This thesis deals with the translation of network addresses in the Internet protocol version 6. The aim is to use translation in the automatic configuration of end devices. In this work are discussed existing mechanisms for the dynamic configuration, and their advantages and disadvantages. There is designed and implemented system for connecting home computer network to the Internet, which combines Network Prefix Translation and Neighbor Discovery Proxy technologies.
- …