Development of a Graduate Course on the Transition to Internet Protocol Version 6

Internet and mobile connectivity has grown tremendously in the last few decades, creating an ever increasing demand for Internet Protocol (IP) addresses. The pool of Internet Protocol version 4 (IPv4) addresses, once assumed to be more than sufficient for every person on this planet, has reached its final stages of depletion. With The Internet Assigned Numbers Authority’s (IANA) global pools depleted, and four of the five Regional Internet Registries (RIR) pools down to the their last /8 block, the remaining addresses will not last very long. In order to ensure continuous growth of the internet in the foreseeable future, we would need a newer internet protocol, with a much larger address space. Specifically, with that goal in mind the Internet Protocol version 6 (IPv6) was designed about two decades ago. Over the years it has matured, and has proven that it could eventually replace the existing IPv4. This thesis presents the development a graduate level course on the transition to IPv6. The course makes an attempt at understanding how the new IPv6 protocol is different than the currently used IPv4 protocol. And also tries to emphasize on the options existing to facilitate a smooth transition of production networks from IPv4 to IPv6

Multifaceted Faculty Network Design and Management: Practice and Experience Report

We report on our experience on multidimensional aspects of our faculty's network design and management, including some unique aspects such as campus-wide VLANs and ghosting, security and monitoring, switching and routing, and others. We outline a historical perspective on certain research, design, and development decisions and discuss the network topology, its scalability, and management in detail; the services our network provides, and its evolution. We overview the security aspects of the management as well as data management and automation and the use of the data by other members of the IT group in the faculty.Comment: 19 pages, 11 figures, TOC and index; a short version presented at C3S2E'11; v6: more proofreading, index, TOC, reference

Deliverable DJRA1.2. Solutions and protocols proposal for the network control, management and monitoring in a virtualized network context

This deliverable presents several research proposals for the FEDERICA network, in different subjects, such as monitoring, routing, signalling, resource discovery, and isolation. For each topic one or more possible solutions are elaborated, explaining the background, functioning and the implications of the proposed solutions.This deliverable goes further on the research aspects within FEDERICA. First of all the architecture of the control plane for the FEDERICA infrastructure will be defined. Several possibilities could be implemented, using the basic FEDERICA infrastructure as a starting point. The focus on this document is the intra-domain aspects of the control plane and their properties. Also some inter-domain aspects are addressed. The main objective of this deliverable is to lay great stress on creating and implementing the prototype/tool for the FEDERICA slice-oriented control system using the appropriate framework. This deliverable goes deeply into the definition of the containers between entities and their syntax, preparing this tool for the future implementation of any kind of algorithm related to the control plane, for both to apply UPB policies or to configure it by hand. We opt for an open solution despite the real time limitations that we could have (for instance, opening web services connexions or applying fast recovering mechanisms). The application being developed is the central element in the control plane, and additional features must be added to this application. This control plane, from the functionality point of view, is composed by several procedures that provide a reliable application and that include some mechanisms or algorithms to be able to discover and assign resources to the user. To achieve this, several topics must be researched in order to propose new protocols for the virtual infrastructure. The topics and necessary features covered in this document include resource discovery, resource allocation, signalling, routing, isolation and monitoring. All these topics must be researched in order to find a good solution for the FEDERICA network. Some of these algorithms have started to be analyzed and will be expanded in the next deliverable. Current standardization and existing solutions have been investigated in order to find a good solution for FEDERICA. Resource discovery is an important issue within the FEDERICA network, as manual resource discovery is no option, due to scalability requirement. Furthermore, no standardization exists, so knowledge must be obtained from related work. Ideally, the proposed solutions for these topics should not only be adequate specifically for this infrastructure, but could also be applied to other virtualized networks.Postprint (published version

Guifi.net: characterization, data collection and selfmanagement of community

In this project, we are going to present an E2E (end to end) solution for the principal problems that normally impact the community networks and especially Guifinet. To introduce our solution, we were investigating how the Guifinet works internally (its network hierarchy, equipment used, IP configuration and also its financial system) and also how wireless technology works and their limitations. Once we analysed and detected all the potential issues, we performed a routing performance and QoS (quality or service) simulation in order to test two experimental protocol called BATMAN and OLSR to find the most suitable routing protocol for our approach. And finally, we presented our new Guifinet network concept basing in MPLS over OLSR

PROTOKÓŁ IPv6 - CHARAKTERYSTYKA I PROPONOWANE METODY WDROŻENIA W ISTNIEJĄCYCH SIECIACH IPv4 KORZYSTAJĄCYCH Z ROUTERÓW CISCO

The article constitutes an introduction to IPv6 protocol and is a review of the existing approaches to ensure the coexistence of IPv6 and IPv4, on the example of homogeneous Cisco network infrastructure. In the first paragraph, the IPv6 protocol has been characterized and compared to the IPv4. Then, concepts connected with IPv6 addressing have been described. As the main part, it has been discussed methods to provide the coexistence of the two IP protocols. It has been characterized the primary option which is the dual stack, two types of both point to point and multipoint tunnels and finally - address translation NAT-PT.Artykuł stanowi wprowadzenie do protokołu IPv6 oraz jest przeglądem istniejących podejść dla zapewnienia współistnienia IPv6 i IPv4, na przykładzie homogenicznej infrastruktury sieciowej Cisco. W pierwszym rozdziale scharakteryzowano protokół IPv6 i porównano go z IPv4. Następnie opracowano koncepcje związane z adresowaniem IPv6. W głównej części opisano metody do zapewnienia koegzystencji dwóch protokołów IP. Scharakteryzowano podstawową opcję jaką jest podwójny stos, po dwa rodzaje tunelowania punkt-punkt i punkt-wielopunkt oraz w końcu translację adresów NAT-PT

Segment Routing: a Comprehensive Survey of Research Activities, Standardization Efforts and Implementation Results

Fixed and mobile telecom operators, enterprise network operators and cloud providers strive to face the challenging demands coming from the evolution of IP networks (e.g. huge bandwidth requirements, integration of billions of devices and millions of services in the cloud). Proposed in the early 2010s, Segment Routing (SR) architecture helps face these challenging demands, and it is currently being adopted and deployed. SR architecture is based on the concept of source routing and has interesting scalability properties, as it dramatically reduces the amount of state information to be configured in the core nodes to support complex services. SR architecture was first implemented with the MPLS dataplane and then, quite recently, with the IPv6 dataplane (SRv6). IPv6 SR architecture (SRv6) has been extended from the simple steering of packets across nodes to a general network programming approach, making it very suitable for use cases such as Service Function Chaining and Network Function Virtualization. In this paper we present a tutorial and a comprehensive survey on SR technology, analyzing standardization efforts, patents, research activities and implementation results. We start with an introduction on the motivations for Segment Routing and an overview of its evolution and standardization. Then, we provide a tutorial on Segment Routing technology, with a focus on the novel SRv6 solution. We discuss the standardization efforts and the patents providing details on the most important documents and mentioning other ongoing activities. We then thoroughly analyze research activities according to a taxonomy. We have identified 8 main categories during our analysis of the current state of play: Monitoring, Traffic Engineering, Failure Recovery, Centrally Controlled Architectures, Path Encoding, Network Programming, Performance Evaluation and Miscellaneous...Comment: SUBMITTED TO IEEE COMMUNICATIONS SURVEYS & TUTORIAL

Evaluating the security vulenerabilities of the IP6to4 tunnelling mechanism

The two versions of Internet Protocol (IP) rely on mechanisms that will convert one protocol to the other and vice versa. Version 4 is still prevalent in the Internet backbone and version 6 in most private networks. In this research we focus on the automatic tunnelling mechanism that provides the encapsulation at one end of the transition tunnel and the de-encapsulation at the other end dependant on the direction of transition. In our research we asked: How secure is the automatic tunnelling mechanism? It is a simple question but important given the number of times transition may occur in any communication and the potential for vulnerabilities. To test the capability of the software instance we launched attacks on the inside and the outside of the tunnel; recorded performance variations and noted opportunities for information sniffing. In all instances the results show weaknesses that can be exploited and the potential for an outsider to not only launch for example DoS attacks but to also disrupt the information being managed in the tunnel. How secure is the automatic tunnelling mechanism

Analysis of IPV6 Transition Technologies

Currently IPv6 is extremely popular with companies, organizations and Internet service providers (ISP) due to the limitations of IPv4. In order to prevent an abrupt change from IPv4 to IPv6, three mechanisms will be used to provide a smooth transition from IPv4 to IPv6 with minimum effect on the network. These mechanisms are Dual-Stack, Tunnel and Translation. This research will shed the light on IPv4 and IPv6 and assess the automatic and manual transition strategies of the IPv6 by comparing their performances in order to show how the transition strategy affects network behaviour. The experiment will be executed using OPNET Modeler that simulates a network containing a Wide Area Network (WAN), a Local Area Network (LAN), hosts and servers. The results will be presented in graphs and tables, with further explanation. The experiment will use different measurements such as throughput, latency (delay), queuing delay, and TCP delay.Comment: pages 19-38, Online link: http://airccse.org/journal/cnc/6514cnc02.pd

GNFC: Towards Network Function Cloudification

An increasing demand is seen from enterprises to host and dynamically manage middlebox services in public clouds in order to leverage the same benefits that network functions provide in traditional, in-house deployments. However, today's public clouds provide only a limited view and programmability for tenants that challenges flexible deployment of transparent, software-defined network functions. Moreover, current virtual network functions can't take full advantage of a virtualized cloud environment, limiting scalability and fault tolerance. In this paper we review and evaluate the current infrastructural limitations imposed by public cloud providers and present the design and implementation of GNFC, a cloud-based Network Function Virtualization (NFV) framework that gives tenants the ability to transparently attach stateless, container-based network functions to their services hosted in public clouds. We evaluate the proposed system over three public cloud providers (Amazon EC2, Microsoft Azure and Google Compute Engine) and show the effects on end-to-end latency and throughput using various instance types for NFV hosts