
Summary


nysa


  1. Summary
     • Peer to peer applications and IPv6
     • Microsoft Three-Degrees
     • IPv6 transition mechanisms used by Three-Degrees:
       • 6to4
       • Teredo

  2. Peer to Peer Applications and NATs
     • NATs break end to end
     • End to end communications would be useful in a P2P context…
     [Diagram: two P2P hosts on private IPv4 (DSL…) networks, each behind a NAT, joined by the public IPv4 network]

  3. First type of solution
     • Use an intermediate server
     • Complex solution to design
     • Operation of the server is not free
     [Diagram: two P2P hosts on private IPv4 (DSL…) networks, each behind a NAT, with a server on the public IPv4 network]

  4. IPv6 based solutions
     • Simpler solution
     • Application is cheaper to design
     • No server required, but one can be used if needed…
     [Diagram: two P2P hosts on customer IPv6 (DSL…) networks, joined by the public IPv6 network]

  5. Microsoft ThreeDegrees
     • 3° is P2P software that connects small groups of users who know and trust one another.
     • Currently a beta test application on Windows XP SP1
       • several downloads (10 000)
       • First feedback is positive
     • Uses IPv6 only (no IPv4), because the application is easier to design.
     • http://www.threedegrees.com

  6. Three Degrees and IPv6
     • IPv6 is not available everywhere:
       • It first appears as isolated islands in the IPv4 Internet
     • Several migration techniques exist:
       • Dual stack
       • Automatic tunneling: 6to4 and Teredo
       • Configured tunnels, tunnel broker
       • Translation
       • Application level gateways
     • Transition mechanisms bring additional complexity
       • Only needed during transition.
       • Most of the complexity is in the OS, not in the application.
       • The cost for the infrastructure is low.

  7. Dual Stack
     • Deploy native IPv6 in addition to IPv4 everywhere:
       • Routers
       • Servers: DNS, Radius…
       • Hosts
     • Slow deployment => not present everywhere
     • Should be a long term goal

  8. 6to4
     • Goals:
       • Allow the interconnection of IPv6 sites through a service provider network that only supports IPv4.
       • Connect IPv6 sites to the IPv6 Internet through a service provider network that only supports IPv4.
     • Does not require the provision of IPv6 prefixes by the ISP
     • Uses a global IPv6 prefix for each site, derived from the site's global IPv4 address.

  9. 6to4 – Interconnection of IPv6 sites

  10. 6to4 – Access to the IPv6 Internet

  11. 6to4 - Limitations
     • 6to4 relays can be vulnerable to denial of service attacks
       • Filtering is needed in relays!
     • The entity that operates the 6to4 relay has few means to control who is using the service.
     • NATs break 6to4, if they are not co-located!
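A sketch of the relay-side filtering this slide calls for, added here as an example and not taken from the presentation. It applies the source-address consistency checks described in RFC 3964; the 2002::/16 prefix comes from RFC 3056, and the function name, deny list and sample packets are constructed for illustration.

```python
import ipaddress

SIXTOFOUR = ipaddress.ip_network("2002::/16")  # 6to4 prefix (RFC 3056), not stated on the slides

# IPv4 ranges that cannot be a legitimate 6to4 site address (illustrative, not exhaustive).
NON_GLOBAL_V4 = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def relay_accepts(outer_v4_src, inner_v6_src):
    """Decide whether a relay should forward a packet received from the IPv4 side.

    outer_v4_src: source of the encapsulating IPv4 header.
    inner_v6_src: source of the tunnelled IPv6 packet.
    Returns (accepted, reason).
    """
    outer = ipaddress.IPv4Address(outer_v4_src)
    inner = ipaddress.IPv6Address(inner_v6_src)
    if inner not in SIXTOFOUR:
        return False, "inner source is not a 6to4 address"
    embedded = inner.sixtofour  # IPv4 address carried in bits 16..47 of the prefix
    if any(embedded in net for net in NON_GLOBAL_V4):
        return False, "embedded IPv4 is not globally routable"
    if embedded != outer:
        return False, "embedded IPv4 does not match outer source"
    return True, "ok"


# Constructed sample traffic (documentation address ranges).
SAMPLE_PACKETS = [
    ("192.0.2.10", "2002:c000:20a::1"),    # consistent 6to4 site
    ("192.0.2.10", "2002:a00:1::1"),       # embeds 10.0.0.1
    ("198.51.100.7", "2002:c000:20a::1"),  # spoofed inner source
    ("192.0.2.10", "2001:db8::1"),         # not a 6to4 source at all
]


def audit(packets):
    """Return the relay decision for every (outer, inner) pair."""
    return [relay_accepts(o, i) for o, i in packets]


if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE_PACKETS, audit(SAMPLE_PACKETS)):
        print(pkt, verdict)
```

These checks limit spoofed traffic through the relay; they do not tell the operator who the legitimate users are, which is the second limitation on the slide.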

  12. TEREDO
     • Goals:
       • Provide IPv6 connectivity across one or several NATs
     • Tunneling IPv6 packets over UDPv4 through the NAT
     • Client/server/relay architecture
     • Use of a new address format

  13. Teredo
     [Diagram: Teredo tunnel (IPv6 in UDPv4) from a host on private IPv4, through a NAT and the public IPv4 network, to IPv6]

  14. Client / relay / server
     [Diagram: client on private IPv4 behind a NAT, server on public IPv4, relay toward public IPv6; exchanges numbered 1 to 6]

  15. Teredo address format
     [Figure: address layout with fields labelled Teredo prefix, IPv4 @, Flags, Client IPv4, Port; field widths printed on the slide: 16 bits, 32 bits, 32 bits, 16 bits, 32 bits]
     • Teredo IPv6 prefix
     • IPv4 address: global address of the server
     • Flags: Cone or Symmetric NAT
     • Port: port number to be used with the IPv4 address
     • The "client IPv4 field" contains the global address of the NAT

  16. Teredo limitations
     • Not well known yet, but probably similar to 6to4
       • Vulnerability to DoS attacks on the relay
       • The entity that operates the 6to4 relay has few means to control who is using the service
     • Some NATs are not supported
     • Teredo relays are not deployed!
       • Lack of implementation in routers
       • Teredo prefix is not advertised in the IPv6 Internet

  17. Three Degrees and IPv6 transition
     • Three Degrees proceeds as follows:
       • If a native IPv6 address is available on the host, use it,
       • Else
         • If IPv4 addresses are public addresses, then use 6to4
           • NATs are not supposed to be in the way
         • If IPv4 addresses are private addresses, then use Teredo
           • NAT is likely in the way.
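The selection order on this slide, together with the 6to4 prefix derivation from slide 8, as an added example (not Three Degrees code). Assumptions not on the slides: the 2002::/16 prefix and /48 site prefix from RFC 3056, treating carrier-grade NAT space (100.64.0.0/10) as private, and the function names.

```python
import ipaddress

# "Private" IPv4 for this sketch: RFC 1918 plus carrier-grade NAT space (an assumption).
PRIVATE_V4 = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]
GLOBAL_UNICAST_V6 = ipaddress.ip_network("2000::/3")


def sixtofour_prefix(public_v4):
    """Site prefix 2002:V4ADDR::/48 derived from the site's global IPv4 address."""
    v4 = int(ipaddress.IPv4Address(public_v4))
    return ipaddress.IPv6Network(((0x2002 << 112) | (v4 << 80), 48))


def choose_transport(host_addresses):
    """Apply the slide's order: native IPv6, else 6to4 (public IPv4), else Teredo.

    host_addresses: address strings configured on the host.
    Returns (mechanism, detail); detail is the native address or the 6to4 prefix.
    """
    addrs = [ipaddress.ip_address(a) for a in host_addresses]

    # 1. Native IPv6: global unicast that is not itself a tunnel address.
    for a in addrs:
        if (a.version == 6 and a in GLOBAL_UNICAST_V6
                and a.sixtofour is None and a.teredo is None):
            return ("native", str(a))

    # Loopback and link-local IPv4 say nothing about reachability, so skip them.
    v4 = [a for a in addrs
          if a.version == 4 and not (a.is_loopback or a.is_link_local)]

    # 2. Public IPv4: no NAT expected in the path, so 6to4 can work.
    for a in v4:
        if not any(a in net for net in PRIVATE_V4):
            return ("6to4", str(sixtofour_prefix(a)))

    # 3. Only private IPv4: a NAT is likely in the path, so fall back to Teredo.
    if v4:
        return ("teredo", None)
    return ("none", None)


if __name__ == "__main__":
    # Constructed host configurations (documentation address ranges).
    for host in (["fe80::1", "2001:db8::5", "192.168.1.20"],
                 ["fe80::1", "192.0.2.10"],
                 ["fe80::1", "192.168.1.20"]):
        print(host, "->", choose_transport(host))
```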

  18. Typical deployment
     [Diagram: native IPv6 and IPv6 + IPv4 Internet; 6to4 tunnel via a 6to4 relay; Teredo tunnels via a Teredo server and Teredo relay; hosts behind NATs on the IPv4 Internet]
