
Hiding OSPF Transit-only Networks

Hiding OSPF Transit-only Networks. Yi Yang, IETF 79. What are transit-only networks? Why to hide them? Infrastructure security. Plus, downsize routing table and speed up convergence. How to hide them? Point-to-Point networks, Broadcast networks, Non-Broadcast networks.


Presentation Transcript


  1. Hiding OSPF Transit-only Networks. Yi Yang, IETF 79

  2. What are transit-only networks?

  3. Why to hide them?
     • Infrastructure security
     • Plus, downsize routing table and speed up convergence

  4. How to hide them?
     • Point-to-Point networks
     • Broadcast networks
     • Non-Broadcast networks

  5. Point-to-Point
     Diagram: routers 1.1.1.1 (.1) and 2.2.2.2 (.2) on link 10.1.1.0/30
     LSA from 1.1.1.1: LS Age = 0, LS Type = 1, LS ID = 1.1.1.1, Adv. Router = 1.1.1.1, Number of Links = 2
       Link ID = 2.2.2.2, Link Data = 10.1.1.1, Type = 1, Metric = 10
       Link ID = 10.1.1.0, Link Data = 255.255.255.252, Type = 3, Metric = 10
     LSA from 2.2.2.2: LS Age = 0, LS Type = 1, LS ID = 2.2.2.2, Adv. Router = 2.2.2.2, Number of Links = 2
       Link ID = 1.1.1.1, Link Data = 10.1.1.2, Type = 1, Metric = 10
       Link ID = 10.1.1.0, Link Data = 255.255.255.252, Type = 3, Metric = 10

  6. Point-to-Point
     Diagram: routers 1.1.1.1 (.1) and 2.2.2.2 (.2) on link 10.1.1.0/30
     LSA from 1.1.1.1: LS Age = 0, LS Type = 1, LS ID = 1.1.1.1, Adv. Router = 1.1.1.1, Number of Links = 1
       Link ID = 2.2.2.2, Link Data = 10.1.1.1, Type = 1, Metric = 10
     LSA from 2.2.2.2: LS Age = 0, LS Type = 1, LS ID = 2.2.2.2, Adv. Router = 2.2.2.2, Number of Links = 1
       Link ID = 1.1.1.1, Link Data = 10.1.1.2, Type = 1, Metric = 10

  7. Broadcast
     Diagram: routers 3.3.3.3 (.3), 4.4.4.4 (.4) and 5.5.5.5 (.5) on network 10.2.2.0/24
     LSA: LS Age = 0, LS Type = 2, LS ID = 10.2.2.5, Adv. Router = 5.5.5.5, Network Mask = 255.255.255.0
       Attached Router = 3.3.3.3
       Attached Router = 4.4.4.4
       Attached Router = 5.5.5.5

  8. Broadcast
     Diagram: routers 3.3.3.3 (.3), 4.4.4.4 (.4) and 5.5.5.5 (.5) on network 10.2.2.0/24
     LSA: LS Age = 0, LS Type = 2, LS ID = 10.2.2.5, Adv. Router = 5.5.5.5, Network Mask = 255.255.255.255
       Attached Router = 3.3.3.3
       Attached Router = 4.4.4.4
       Attached Router = 5.5.5.5

  9. Non-Broadcast: NBMA
     • Use /32 subnet mask, similar to Broadcast

  10. Non-Broadcast: P2MP
     Diagram: routers 6.6.6.6 (.6), 7.7.7.7 (.7) and 8.8.8.8 (.8) on network 10.3.3.0/24
     LSA from 6.6.6.6: LS Age = 0, LS Type = 1, LS ID = 6.6.6.6, Adv. Router = 6.6.6.6, Number of Links = 3
       Link ID = 7.7.7.7, Link Data = 10.3.3.6, Type = 1, Metric = 10
       Link ID = 7.7.7.7, Link Data = 10.3.3.6, Type = 1, Metric = 10
       Link ID = 10.3.3.0, Link Data = 255.255.255.0, Type = 3, Metric = 0

  11. Non-Broadcast: P2MP
     Diagram: routers 6.6.6.6 (.6), 7.7.7.7 (.7) and 8.8.8.8 (.8) on network 10.3.3.0/24
     LSA from 6.6.6.6: LS Age = 0, LS Type = 1, LS ID = 6.6.6.6, Adv. Router = 6.6.6.6, Number of Links = 2
       Link ID = 7.7.7.7, Link Data = 10.3.3.6, Type = 1, Metric = 10
       Link ID = 7.7.7.7, Link Data = 10.3.3.6, Type = 1, Metric = 10

  12. OSPFv3
     • Remove IPv6 Prefixes from the intra-area-prefix-LSAs

  13. Next Step

  14. END

  15. Backward Compatibility: Broadcast
     Diagram: routers 3.3.3.3 (.3), 4.4.4.4 (.4) and 5.5.5.5 (.5) on network 10.2.2.0/24
     LSA: LS Age = 0, LS Type = 2, LS ID = 10.2.2.5, Adv. Router = 5.5.5.5, Network Mask = 255.255.255.255
       Attached Router = 3.3.3.3
       Attached Router = 4.4.4.4
       Attached Router = 5.5.5.5

  16. Backward Compatibility: Broadcast
     [Diagram: routers 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4, 5.5.5.5, 7.7.7.7 and 8.8.8.8 with Host A and Host B around broadcast network 10.2.2.0/24 (.3, .4, .5); legend: Upgraded, Not-upgraded-yet]
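
The before/after LSAs of slides 5 to 11 and the backward-compatibility case of slides 15 and 16, as an added Python example that is not part of the presentation. The LSA values are copied from the slides; the dict layout, the function names and the `TRANSIT_ONLY` set are assumptions made for illustration.

```python
import ipaddress

HOST_MASK = "255.255.255.255"
# Networks the operator has marked transit-only (assumed input).
TRANSIT_ONLY = {ipaddress.ip_network(n)
                for n in ("10.1.1.0/30", "10.2.2.0/24", "10.3.3.0/24")}

def link(lid, data, ltype, metric):
    return {"id": lid, "data": data, "type": ltype, "metric": metric}

# Constructed LSDB holding the "before" LSAs of slides 5, 7 and 10.
LSDB = [
    {"type": 1, "adv": "1.1.1.1", "links": [
        link("2.2.2.2", "10.1.1.1", 1, 10),
        link("10.1.1.0", "255.255.255.252", 3, 10)]},
    {"type": 1, "adv": "6.6.6.6", "links": [
        link("7.7.7.7", "10.3.3.6", 1, 10),
        link("7.7.7.7", "10.3.3.6", 1, 10),   # repeated as on slide 10
        link("10.3.3.0", "255.255.255.0", 3, 0)]},
    {"type": 2, "id": "10.2.2.5", "adv": "5.5.5.5", "mask": "255.255.255.0",
     "attached": ["3.3.3.3", "4.4.4.4", "5.5.5.5"]},
]

def net(addr, mask):
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def hide(lsa, transit_only=TRANSIT_ONLY):
    """Re-originate one LSA with its transit-only network hidden."""
    out = dict(lsa)
    if lsa["type"] == 1:      # P2P / P2MP: omit the type 3 link
        out["links"] = [l for l in lsa["links"] if not
                        (l["type"] == 3 and net(l["id"], l["data"]) in transit_only)]
    elif net(lsa["id"], lsa["mask"]) in transit_only:
        out["mask"] = HOST_MASK   # broadcast / NBMA: /32 Network Mask
    return out

def prefixes(lsdb, upgraded=True):
    """Prefixes a router derives from these LSAs. Assumption taken from
    slide 8: an upgraded router treats a /32 Network Mask as 'hidden'."""
    found = set()
    for lsa in lsdb:
        if lsa["type"] == 1:
            found |= {net(l["id"], l["data"]) for l in lsa["links"] if l["type"] == 3}
        elif not (upgraded and lsa["mask"] == HOST_MASK):
            # RFC 2328: network = LS ID masked with Network Mask, so a
            # not-upgraded router still derives a /32 for the DR address.
            found.add(net(lsa["id"], lsa["mask"]))
    return found
```

Running `prefixes()` over the hidden LSAs with `upgraded=False` shows what a not-upgraded router in a mixed area still learns, which is the exposure to check for while a rollout is in progress.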
