BGP-like TE Capabilities for SHIM6

In this paper we present a comprehensive set of mechanisms that restore to the site administrator the capacity of enforcing traffic engineering (TE) policies in a multiaddressed IPv6 scenario. The mechanisms rely on the ability of SHIM6 to securely perform locator changes in a transparent fashion to transport and application layers. Once an outgoing path has been selected for a communication by proper routing configuration in the site, the source prefix of SHIM6 data packets is rewritten by the site routers to avoid packet discarding due to ingress filtering. The SHIM6 locator preferences exchanged in the context establishment phase are modified by the site routers to influence in the path used for receiving traffic. Scalable deployment is ensured by the stateless nature of these mechanisms.Publicad

Fault Tolerant Scalable Support for Network Portability and Traffic Engineering

The P-SHIM6 architecture provides ISP independence to IPv6 sites without compromising scalability. This architecture is based on a middle-box, the P-SHIM6, which manages the SHIM6 protocol exchange on behalf of the nodes of a site, which are configured with provider independent addresses. Incoming and outgoing packets are processed by the P-SHIM6 box, which can assign different locators to a given communication, either when it is started, or dynamically after the communication has been established. As a consequence, changes required for provider portability are minimized, and fine-grained Traffic Engineering can be enforced at the P-SHIM6 box, in addition to the fault tolerance support provided by SHIM6.This project has been supported by the RiNG project IST-2005-035167 and by the IMPROVISA project TSI2005-07384-C03-02.Publicad

Herramientas para la conectividad IPv6 con múltiples proveedores

La presente Tesis propone una arquitectura para la provisión de una solución de multihoming escalable y de la exploración de distintos enfoques. La solución actualmente disponible en IPv4 para el soporte de multihoming basada en la inyección de rutas de sitio en el sistema global de rutas impone una carga que crece linealmente con el número de sitios multihomed, lo que limita su escalabilidad y las posibilidades de crecimiento. La presente Tesis plantea una solución alternativa que garantice la escalabilidad del sistema global de rutas basada en el uso de direcciones agregables por proveedor (PA). En una configuración basada en direcciones PA, un sitio multihomed obtiene tantos bloques de dirección como proveedores tiene lo que plantea las dificultades con los filtros de ingreso, con el iniciar una nueva comunicaciones después de un fallo y la preservación de comunicaciones ante la ocurrencia de un fallo. La presente Tesis Doctoral plantea una arquitectura para solventar estos problemas basada en el encaminamiento basado en dirección origen para proveer compatibilidad con los filtros de ingreso, y una nueva capa de identificación dentro de la capa IP para brindar las capacidades requeridas de tolerancia de fallos. ________________________________________________In this Thesis we propose an architecture for the provision of scalable IPv6 multihoming support. In the multihoming solution currently deployed in the IPv4 Internet, the multihomed site announces a route to its address blocks through all the providers using BGP. The result is that multiple routes towards the multihomed site are available in the inter-domain routing system. While this solution provides the fault tolerance and path selection features required to a multihoming solution, it presents limited scalability, since each multihomed site contributes with at least one routing table entry in the already oversized inter-domain routing tables. Because the support of the multihoming solution currently deployed in the IPv4 Internet is becoming challenging even for the current number of multihomed sites, this approach is deemed unsuitable for the expected number of multihomed sites in the future IPv6 Internet, especially when considering that the wide adoption of low-budget broadband access technologies such as ADSL or CATV will enable multihoming in SOHO environments. As a consequence, an alternative multihoming solution for IPv6 is needed. The requirements imposed to the new solution essentially include all the benefits provided by the incumbent solution, i.e. fault tolerance and traffic engineering capabilities, and also an enhanced scalability with respect to the number of multi-homed sites and other relevant Internet parameters. In order to preserve routing system scalability, aggressive route aggregation can be achieved through provider-based aggregation, precluding the injection of routes associated with individual multi-homed end-sites. When Provider Aggregatable (hereafter PA) addressing is used, multi-homed sites obtain one prefix per each one of their providers. Consequently, as each provider will only announce its own prefix to the rest of the Internet, a given provider will be used to reach the multihomed site only when the destination addresses used belong to the prefix associated with the provider. So, in order to be reachable through all of the providers of the site, each host within the multihomed site will have to configure multiple addresses, one per provider. Even if this setup guarantees the scalability of the multihoming solution, such multi-addressed configuration is not without difficulties of its own when attempting to provide the additional features mentioned above. In particular, this configuration presents the following problems: - Incompatibility with ingress filtering techniques: The incompatibility is caused by the lack of coordination between the IPv6 source address selection mechanism, performed by the host, and the path selection mechanism, performed by the intra-site routing system. As long as outgoing packets are routed through the provider that has delegated the prefix contained in the source address, packets will flow freely; but when those packets are routed through a different ISP, they will be discarded by the ingress filtering mechanism x due to source address incompatibility. It must be noted that because of this issue, packets may be discarded even in a scenario without failures. - Difficulties when establishing new communications after an outage. The difficulties arise because not all of the addresses available for a multihomed host are reachable, so in order to be able to communicate, hosts need to properly discard unreachable addresses and select those addresses that are reacahable. Current address selection mechanisms are unable to cope with such situation. - Difficulties when preserving established communications. In order to preserve established communications through outages, the endpoints of the communication have to adapt the addresses used during the lifetime of the communication according to the available providers. Moreover, this address replacement has to be performed in a transparent fashion with respect to transport and application layers, in order to actually preserve the established communication. Current applications and transport layers, such as TCP and UDP, identify the endpoints of a communication through the IP addresses of the nodes involved, implying that the IP addresses selected at the communication establishment time must remain invariant through the lifetime of the communication. But as it has been presented earlier, once that an outage has occurred in one of the available ISPs, the associated address becomes unreachable, so an alternative address has to be used in order to convey packets to the multi-homed host. These two constraints impose that after an outage, packets must carry a different address, corresponding to an available ISP, but they have to be presented to transport and application layers as if they contained the original address, in order to be recognized as belonging to the established communication. Such approach requires additional mechanisms in both ends of the communication in order to preserve a coherent mapping between the IP addresses presented to the transport and application layers and those addresses actually contained in the packets. - Difficulties when providing traffic engineering capabilities. The usage of multiple prefixes pre multihomed site imply that those traffic engineering techniques will no longer apply, and alternative mechanisms that provide equivalent capabilities are required. In this Thesis we describe an architecture for the provision of multihoming in IPv6 that deals with all the aforementioned concerns. The proposed IPv6 multihoming architecture introduces the following components: - An intra-site routing paradigm that takes into account the source address, so that source hosts can determine through the selection of the source address, the exit path of the packets. Such feature provides ingress filtering compatibility. - An address selection mechanism that takes into account address reachability information acquired through a trial and error procedure. - A new Multihoming Sub-Layer within the IP layer that will perform the required mapping between the addresses that are presented to the upper layer protocols and the addresses that are actually used for exchanging packets in the network. Such layer allows the usage of different addresses for exchanging packets during the lifetime of a communication, while keeping unchanged the address presented to the upper layers, preserving the established communication. - A mechanism for the configuration of the policy table defined in the default address selection procedure, for the provision of traffic engineering capabilities. A detailed presentation of the aforementioned mechanisms is preceded by an exhaustive analysis of the solution space that justifies the selected approach

Efficient security for IPv6 multihoming

In this note, we propose a security mechanism for protecting IPv6 networks from possible abuses caused by the malicious usage of a multihoming protocol. In the presented approach, each multihomed node is assigned multiple prefixes from its upstream providers, and it creates the interface identifier part of its addresses by incorporating a cryptographic one-way hash of the available prefix set. The result is that the addresses of each multihomed node form an unalterable set of intrinsically bound IPv6 addresses. This allows any node that is communicating with the multihomed node to securely verify that all the alternative addresses proposed through the multihoming protocol are associated to the address used for establishing the communication. The verification process is extremely efficient because it only involves hash operationsPublicad

Providing Authentication & Authorization Mechanisms for Active Service Charging

Active network technology enables fast deployment of new network services tailored to the specific needs of end users, among others features. Nevertheless proper charging for these new added value services require suitable authentication and authorization mechanisms. In this article we describe a security architecture for SARA (Simple Active Router-Assistant) architecture, an active network platform deployed in the context of the IST-GCAP project. The proposed solution provides all the required security features, and it also grants proper scalability of the overall system, by using a distributed key-generation algorithm.Publicad

An Architecture for Network Layer Privacy

We present an architecture for the provision of network layer privacy based on the SHIM6 multihoming protocol. In its basic form, the architecture prevents on-path eavesdroppers from using SHIM6 network layer information to correlate packets that belong to the same communication but use different locators. To achieve this, several extensions to the SHIM6 protocol and to the HBA (Hash Based Addresses) addressing model are defined. On its full-featured mode of operation, hosts can vary dynamically the addresses of the packets of on-going communications. Single-homed hosts can adopt the SHIM6 protocol with the privacy enhancements to benefit from this protection against information collectors.IEEE Communications SocietyPublicad

An API for IPv6 Multihoming based on HBA and CGA

EUNICE 2005. IFIP International Workshop on Networked Applications, Colmenarejo, Madrid/Spain, 6–8 July, 2005. (Proceedings of the 11th Open European Summer School EUNICE 2005: Networked Applications)This paper proposes an API for Multihoming in IPv6. This API is based on the Hash Based Addresses and Cryptographically Generated Addresses approaches, which are being developed by the IETF multi6 Working Group. The support of Multihoming implies several actions such as failure detection procedures, reachability tests, re-homing procedures and exchange of locators. Applications can benefit from transparent access to Multihoming services only if per host Multihoming parameters are defined. However, more benefits could be obtained by applications if they will be able to configure these parameters. The proposed Multihoming API provides different functions to applications which can modify some parameters and invoke some functions related with the Multihoming Layer.This work has been partly supported by the European Union under the E-Next Project FP6506869 and by OPTINET6 project TIC-2003-09042-C03-01

ROSA: Realistic Open Security Architecture for active networks

Proceedings of IFIP-TC6 4th International Working Conference, IWAN 2002 Zurich, Switzerland, December 4–6, 2002.Active network technology enables fast deployment of new network services tailored to the specific needs of end users, among other features. Nevertheless, security is still a main concern when considering the industrial adoption of this technology. In this article we describe an open security architecture for active network platforms that follow the discrete approach. The proposed solution provides all the required security features, and it also grants proper scalability of the overall system, by using a distributed key-generation algorithm. The performance of the proposal is validated with experimental data obtained from a prototype implementation of the solution.Publicad

An API for IPv6 Multihoming

IFIP International Workshop on Networked Applications, Colmenarejo, Madrid/Spain, 6?8 July, 2005This paper proposes an API for Multihoming in IPv6. This API is based on the Hash Based Addresses and Cryptographically Generated Addresses approaches, which are being developed by the IETF multi6 Working Group. The support of Multihoming implies several actions such as failure detection procedures, reachability tests, re-homing procedures and exchange of locators. Applications can benefit from transparent access to Multihoming services only if per host Multihoming parameters are defined. However, more benefits could be obtained by applications if they will be able to configure these parameters. The proposed Multihoming API provides different functions to applications which can modify some parameters and invoke some functions related with the Multihoming Layer.Publicad

IPv6 Multihoming Support in the Mobile Internet

Fourth-generation mobile devices incorporate multiple interfaces with diverse access technologies. The current Mobile IPv6 protocol fails to support the enhanced fault tolerance capabilities that are enabled by the availability of multiple interfaces. In particular, established MIPv6 communications cannot be preserved through outages affecting the home address. In this article, we describe an architecture for IPv6 mobile host multihoming that enables transport layer survivability through multiple failure modes. The proposed approach relies on the cooperation between the MIPv6 and the SHIM6 protocols.Publicad