LandMARC MIPv6 stack for Windows
Greg O’Shea, Microsoft Research
Andrew Scott, Lancaster University

LandMARC MIPv6 stack
• LandMARC: 2-yr project with Lancaster University, supporting 3 RA positions
• Several threads, now dominated by MIPv6
• Added mobility to MSR 1.4 IPv6
• RC4b (Win2K) released 1 Jan 2001
• XPB2 (WinXP beta 2): in test (internal)
• WinCE3.0 + RC4b: in development (internal)
• WinCE4.0 + XPB2: in development (internal)

Why mobile IP?
• Traditional IP address = (network + host-id)
  • is bound to a specific network
• Connections break if node moves between nets
• Problem for mobile, wireless computers (future)
• Solution: MIPv6 mobile node (MN) uses two addresses
  • Home Address (HA) well known / used by apps
  • Care-Of Address (COA) when abroad
• TCP sessions survive network hand-off
• Nobody has to learn new home address for MN
• Provides heterogeneous network hand-off

Barriers to MIPv6
• IPv6 infrastructure
  • Others can deal with that…
• Security Infrastructure (IPSec)
• Connectivity with IPv4 internet when mobile
• Support for IPv4 application code
• Behaviour of network cards and their drivers

Problem #1 : Security
• Bogus Binding Update
  • Hilary says to Bill “Send packets for Monica to me”
• Bogus Home Address Option
  • Hilary says to Bill “Monica said this…”
• Very easy to mount an attack:
  • ipv6 hau <IPv6 address> 64 <home agent address>
  • Giving somebody else’s home address and home agent
  • Attach to any IPv6 net

Security : use of IPSec
• V12 mandated IPsec AH on Binding Updates
• Works, but too hard to configure and test
• Helps if administrator has:
  • network monitors attached
  • kernel debugger(s) installed on all machines
  • source code for IPv6 stack
  • program for configuring the program for configuring IPSec

CAM : joint with Mike Roe
• Mobile node m chooses key pair (PKm, SKm)
• Mobile m chooses Home addr (IF-Id) Am = H(PKm, i)
  • Int i used to resolve IPv6 address collisions
• Binding Update from m includes: A’m, Ac, Am, PKm, i, {H(A’m, Ac, Am, Tm)}SKm
• Correspondent verifies Am = H(PKm, i) and the hash from the Binding Update
• Use of PKm is uncertified, but says nothing about real-world identity
• Impostor cannot submit bogus BU without finding (PK’, SK’) where H(PK’, i) = Am
  • (which is hard)

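The correspondent's check from the CAM slide, as an added example in Go; it is not code from the LandMARC stack or the CAM paper. Assumptions: SHA-256 over length-prefixed fields stands in for H, Am is cut to 64 bits, Ed25519 stands in for the key pair, A’m, Ac and Tm are opaque byte strings because the slides do not define them, and `DemoKey`, `H`, `Sign` and `Verify` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// BindingUpdate: the slide's fields plus Tm, carried so the receiver can recompute the hash.
type BindingUpdate struct {
	APrime, Ac, Am, Tm, PK, Sig []byte
	I                           byte
}

// DemoKey returns a constructed, deterministic SKm (PKm is embedded) for this demo only.
func DemoKey(seed byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seed}, ed25519.SeedSize))
}

// H is SHA-256 over length-prefixed fields, an assumed stand-in for the slide's H.
func H(fields ...[]byte) []byte {
	h := sha256.New()
	for _, f := range fields {
		h.Write(append([]byte{byte(len(f))}, f...))
	}
	return h.Sum(nil)
}

// Sign acts as mobile node m: Am = H(PKm, i) cut to 64 bits, then {H(A'm, Ac, Am, Tm)}SKm.
func Sign(sk ed25519.PrivateKey, i byte, aPrime, ac, tm []byte) BindingUpdate {
	pk := sk.Public().(ed25519.PublicKey)
	bu := BindingUpdate{APrime: aPrime, Ac: ac, Am: H(pk, []byte{i})[:8], Tm: tm, PK: pk, I: i}
	bu.Sig = ed25519.Sign(sk, H(bu.APrime, bu.Ac, bu.Am, bu.Tm))
	return bu
}

// Verify is the correspondent's check: Am must equal H(PKm, i) and the signature must hold.
func Verify(bu BindingUpdate) bool {
	return len(bu.PK) == ed25519.PublicKeySize && bytes.Equal(bu.Am, H(bu.PK, []byte{bu.I})[:8]) &&
		ed25519.Verify(bu.PK, H(bu.APrime, bu.Ac, bu.Am, bu.Tm), bu.Sig)
}

func main() {
	bu := Sign(DemoKey(1), 0, []byte("A'm"), []byte("Ac"), []byte("Tm")) // constructed field values
	bogus := Sign(DemoKey(2), 0, bu.APrime, []byte("Ac-elsewhere"), bu.Tm)
	bogus.Am = bu.Am // impostor claims m's address but holds a different key pair
	fmt.Println(Verify(bu), Verify(bogus))
}
```

The bogus update is rejected at the address check, before the signature is examined, because the impostor's public key does not hash to m's Am.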
Problem #2 : IPv4 connectivity / apps
• MN abroad may lose all IPv4 connectivity
• Contactable only on IPv6 care-of address
• MN cannot see IPv4 internet (e.g. www)
• Nodes on IPv4 internet cannot see the mobile
• Implications for apps and services (e.g. DNS)
• Prefer not to port every IPv4 app (yet)
• Very few IPv6 apps from Microsoft (yet)
  • .NET Framework, IIS, file share, etc

Kernel development on Win2000
• Use cmd line : VStudio doesn’t add much
• Makefiles unusual: initially confusing
• Docs better than Linux, esp. DDK (but fragmented, large)
• More helpful support: no small group wanting to keep full control as under Linux
• Well-defined APIs preserve code stability
• Debugging not great, circa gdb. Use SoftIce.
• DbgView (etc) v. useful but not well known
• NDIS easy to work with (miniport, intermediate, proto)
• Learning curve 1-2 weeks alone, ~1 day supervised

Kernel development on WinCE
• Excellent development support
• Great documentation – small unambiguous API
• Drivers as easy as user-space programming (dlls)
• Full source level debug in IDE using remote host
• Remote driver loading on demand really nice
• Important to use “recommended” CEPC components
• VERY difficult to get drivers for single board computers
• Companies can be really unhelpful – often because they’ve bought in the drivers and simply can’t support them.

Tech tutorial at IDMS2001
• Objective: Intro to building, modifying and testing the LandMARC stack
• Date: 4 September 2001
• Place: Lancaster University, or thereabouts

Further Info
• http://research.microsoft.com/programs/europe/projects/MIPv6.asp
• http://www.LandMARC.net
• http://research.microsoft.com/msripv6
• http://msdn.microsoft.com/downloads/sdks/platform/tpipv6/readme.asp
• http://support.microsoft.com/support/kb/articles/q273/8/26.asp
• http://www.IDMS2001.org/
• CAM: Childproof Authentication for MIPv6, G O’Shea and M Roe, Computer Communications Review, April 2001
• Mobile 4-in-6 (m4in6), J Finney and G O’Shea, Interactive Distributed Multimedia Systems (IDMS2001), 4-7 Sept 2001, Lancaster, UK