What’s In A Name? Name Space Research Group

In The Beginning
[Figure: hosts communicating across the Internet; labels: “SRI-NIC”, 10.1.0.36, 128.6.4.1. Alongside, an IPv4/TCP header diagram: ver 4, IHL, TOS 0, len, id, flags, offset, ttl=32, TCP, checksum, 128.6.4.1, 10.1.0.36, no options, padding, sport=1938, dport=23, seq=363275463, ack=2742094, offset, res., flags, win, cksum=2471, urgent, “Red”, etc…]

Complications: NAT, Firewalls & Web Caches
[Figure: network diagram; labels: Internet, “SRI-NIC”, 128.6.4.1, 192.22.111.1, 192.168.1.1, 192.168.1.2, 192.168.1.3, 192.168.1.4.]

People “borrow” addresses with PPP
[Figure: the same network diagram with a PPP link added; labels: Internet, “SRI-NIC”, 128.6.4.1, 192.22.111.1, 192.168.1.1, 192.168.1.2, 192.168.1.3, 192.168.1.4, PPP.]

… and with Wireless and DHCP
[Figure: the same network diagram; labels: Internet, “SRI-NIC”, 128.6.4.1, 192.22.111.1, 192.168.1.1, 192.168.1.2, 192.168.1.3, 192.168.1.4, PPP.]

Sites are distributing load
[Figure: network diagram; labels: Internet, “www.cnn.com”, 192.22.111.1, 128.6.4.1, 192.168.1.1, 192.168.1.2 (repeated), 192.168.1.3, 192.168.1.4, 192.168.1.5, PPP.]

…Geographically
[Figure: network diagram; labels: Internet, “www.cnn.com”, 192.22.111.1, 129.2.105.125, 201.67.23.5, 128.6.4.1, and repeated private addresses 192.168.1.2, 192.168.1.3, 192.168.1.4, 192.168.1.5.]

And Still We Have IP, But…
[Figure: the previous network diagram (“www.cnn.com”, 192.22.111.1, 129.2.105.125, 201.67.23.5, 128.6.4.1, repeated 192.168.1.x addresses) overlaid with the IPv4/TCP header diagram: ver 4, IHL, TOS 0, len, id, flags, offset, ttl=32, TCP, checksum, no options, padding, sport=1938, dport=80, seq=363275463, ack=2742094, offset, res., flags, win, cksum=2471, urgent, “Red”, etc…]

What’s Changed?
• IP addresses have become ephemeral.
• In many cases we don’t care what host we connect to, so long as it has the service we want.
There is no standard way to uniquely identify an end point over any period of time.

Enter: Your friendly neighborhood IAB
• Held a workshop to discuss the problem.
• Formed a research group full of lots of luminaries.
• Steve Crocker, Steve Bellovin, Steve Deering, JI, Noel Chiappa, Bob Moskowitz, Scott Bradner, Brian Carpenter, Gabriel Montenegro, Rob Austein, Lixia Xiang, John Day, Thomas Narten, Matt Holdrege, Randy Stewart, Karen Sollins, Leslie Daigle, John Wroclawski, Henning Schulzrinne, Ran Atkinson, Mike O’Dell, Randy Bush

Coping Mechanisms
• RSIP & MIDCOM
  • Get through NATs into a single name space
  • but only for a time
  • RSIP has stack complications
• SSH keys
  • identifies users and hosts to each other
  • trust model is limited
  • Solves problem only for SSH

More Coping
• Cookies
  • Provide a unique way to identify an end point.
  • Currently only implemented in one direction.
• SCTP adding of transport names
  • Allows transport names to change midflight.
  • Specific to SCTP.
  • Doesn’t provide unique names.
• Purpose built keys (PBKs)
  • Ad hoc keys: the other end will be the same end at the end of a communication.

So Who Does The Communicating?
[Figure: the IPv4/TCP header diagram (ver 4, IHL, TOS 0, len, id, flags, offset, ttl=32, TCP, checksum, 128.6.4.1, 10.1.0.36, no options, padding, sport=1938, dport=23, seq=363275463, ack=2742094, offset, res., flags, win, cksum=2471, urgent, “Red”, etc…), labelled “Stack”.]

Stack: That State That Represents Some Sort of Entity
[Figure: layer diagram: Application, Transport, Internet, Media.]
A stack name uniquely identifies a stack.

What Do Stack Names Look Like?
• Human readable or binary?
• Administratively or statistically unique?
• Fixed or variable length?
• Is there any structure at all?
(How) do we administer stack names?

Where Should Stacks Be Identified?
[Figure: layer diagram (Application, Transport, Internet, Link) annotated with “???”, “Every Connection”, “Every Packet”, “Every Frame”.]

At Which Layer?
[Figure: protocol layers. Applications: SIP, HTTP, DOOM, GNUTELLA, SMTP, IMXP, POP, WHOIS, IMAP, IMPP, BEEP, RTSP, FTP, IRC, Oracle, NNTP, Amanda, H.323. Transports: TCP, UDP, SCTP, RDP. Internet: IPv4, IPv6.]

IP Version 6
• Large enough address space to eliminate need for NATs
• Low order half may be unique IEEE address (but TCP pseudo header still computes against the whole thing)
• And then there (was) “8+8”
• It’s just about here, and it’s just about mobile.

IP Mobility – IPv6
[Figure: mobility diagram; labels: The Internet, Mobile Host 2001:0240:1e1f:0040:…, Care-of 3ffe:1a33:0:2caa::1, Home Net 2001:0240:1e1f:0040::/64, 3ffe:1a33:0:2caa::2, 3ffe:1a9a:0:1::1, Correspondent Node, Server.]

Ok, but…
• Addresses are still tied to interfaces
• No major change to how we do interdomain routing
• Address is still aggregated and tied to topology
• MIPv6 home addresses still tied to topology (this is not entirely a bad thing)
Mobility means changing your address, not your name.

Binding Between Transport and Internet
[Figure: layer diagram (Application, Transport, Internet, Media) with the TCP pseudo-header fields: src address, dst address, zero, PTCL, TCP Length.]

Adding A New Layer
[Figure: layer diagram (Application, Transport, Identity, Internet, Media) with the pseudo-header fields: src name, dst name, zero, PTCL, TCP Length, and a separate “src name, dst name” pair.]
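
The binding shown on the two slides above, as an added example (not part of the original deck): the TCP checksum covers a pseudo-header of src, dst, zero, PTCL and TCP Length, so a segment sealed against addresses stops verifying once an address is rewritten in transit, while one sealed against names does not. The role given to each slide address (192.168.1.2 inside, 192.22.111.1 public, 128.6.4.1 server), the payload, and the 8-byte stack names are assumptions made for illustration; the deck leaves the name format open.

```python
import ipaddress
import struct

PTCL_TCP = 6  # protocol number carried in the pseudo-header

def fold_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the TCP checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: bytes, dst: bytes, tcp_len: int) -> bytes:
    # Slide layout: src, dst, zero, PTCL, TCP Length
    return src + dst + struct.pack("!BBH", 0, PTCL_TCP, tcp_len)

def seal(src: bytes, dst: bytes, segment: bytes) -> bytes:
    """Fill in the checksum field (bytes 16-17) of a TCP segment."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    cksum = ~fold_sum(pseudo_header(src, dst, len(zeroed)) + zeroed) & 0xFFFF
    return zeroed[:16] + struct.pack("!H", cksum) + zeroed[18:]

def verify(src: bytes, dst: bytes, segment: bytes) -> bool:
    """Receiver check: everything, checksum included, must sum to 0xFFFF."""
    return fold_sum(pseudo_header(src, dst, len(segment)) + segment) == 0xFFFF

def demo() -> dict:
    ip = lambda text: ipaddress.ip_address(text).packed
    # Constructed segment: 20-byte header (slide's ports/seq/ack) plus payload
    seg = struct.pack("!HHIIBBHHH", 1938, 80, 363275463, 2742094,
                      5 << 4, 0x18, 4096, 0, 0) + b"GET / HTTP/1.0\r\n\r\n"
    inside, public, server = ip("192.168.1.2"), ip("192.22.111.1"), ip("128.6.4.1")
    by_addr = seal(inside, server, seg)
    # Hypothetical fixed-length stack names (assumed format)
    name_a, name_b = b"stack-A\x00", b"stack-B\x00"
    by_name = seal(name_a, name_b, seg)
    return {
        "addr_bound_unchanged": verify(inside, server, by_addr),
        # Source address rewritten in transit, checksum left untouched
        "addr_bound_after_rewrite": verify(public, server, by_addr),
        # Names are not rewritten in transit, so the same check still holds
        "name_bound_after_rewrite": verify(name_a, name_b, by_name),
    }

if __name__ == "__main__":
    print(demo())
```
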

Or Perhaps Here… (Looks Familiar)
[Figure: layer diagram (Application, Session, Transport, Internet, Media) with “src name, dst name”.]

The Questions
• Is a stable unique name necessary?
• Can an additional layer reduce complexity?
• Is MIPv6 good enough?
• What does stack name look like?
• What is its lifetime?
• What resolution mechanisms are needed?
• How is it unique?
• And where does it live in the stack?
• Security and Privacy considerations
  • PKI Required?
• Can it help with dynamic binding?

Lots of Related Work
• SCTP -- draft-ietf-tsvwg-addip-sctp-05.txt
• PBK -- draft-bradner-pbk-frame-00.txt
• HIP -- draft-moskowitz-hip-arch-02.txt
• MIPv6 -- draft-ietf-mobileip-ipv6-18.txt
• MIDCOM / RSIP / TIST / …
• GSE -- draft-ietf-ipngwg-gseaddr-00.txt
• Anycast…

NSRG Work
• There’s a draft
  • draft-irtf-nsrg-report-05.txt
• Ideas mentioned therein take in a lot of opinions
  • Even so, there are a lot more opinions.
• More help needed.
• Mailing list: name-space@external.cisco.com
• Subscribe: mailer@cisco.com
  • “subscribe name-space yourname@youraddress”