IPv6 over xDSL: The DIODOS Proposal Athanassios Liakopoulos Greek Research & Technology Network International IPv6 Workshop, Kopaonik,

Slides:

Advertisements

Similar presentations

Encrypting Wireless Data with VPN Techniques

Advertisements

IPv4 - IPv6 Integration and Coexistence Strategies Warakorn Sae-Tang Network Specialist Professional Service Department A Subsidiary.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Emmanouel (Manos) Varvarigos Computer Technology Institute and Press "Diophantus“, CTI Greece Gathering and Processing Energy Consumption Data from Greek.

Interworking IPv6 in Mobile Networks Mat

Configuring and Troubleshooting Network Connections

ADSL Systems - An Overview Praveen Reguraman InterOperability Lab University of New Hampshire 1999.

IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

Layer 2 Tunneling Protocol (L2TP)

SCSC 455 Computer Security Virtual Private Network (VPN)

An Example of IPv6 Necessity in the Greek School Network Athanassios Liakopoulos Greek Research & Technology Network.

IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.

DSL Access Architectures and Protocols. xDSL Architecture.

1 Configuring Virtual Private Networks for Remote Clients and Networks.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 2: Teleworker Connectivity.

Goal of The Paper  What exactly is a VPN?  Why do you need a VPN?  what are some of the technologies used in deploying a VPN?  How does a VPN work?

Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.

Remote Networking Architectures

Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.

300Mbps Dual Band Wireless VDSL2 Router VDR-300NU.

1 © J. Liebeherr, All rights reserved Virtual Private Networks.

Module 11: Supporting Remote Users. Overview Establishing Remote Access Connections Connecting to Virtual Private Networks Configuring Authentication.

© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod3_L7 1 Network Security 2 Module 6 – Configure Remote Access VPN.

1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008.

Virtual Private Networks (Tunnels). When Are VPN Tunnels Used? VPN with PPTP tunnel Used if: All routers support VPN tunnels You are using MS-CHAP or.

Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.

Windows Internet Connection Sharing Dave Eitelbach Program Manager Networking And Communications Microsoft Corporation.

Virtual Private Network (VPN) SCSC 455. VPN A virtual private network that is established over, in general, the Internet – It is virtual because it exists.

6W 02/ IPv6 over DSL - Deployment Scenarios - Franck Leclercq, 6WIND VP sales Asia-Pacific.

CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.

12-Sep-15 Virtual Private Network. Why the need To transmit files securely without disclosing sensitive information to others in the Internet.

WAN Technologies Dial-up modem connections

Deploying IPv6 Services over broadband connections: The Greek School Network case Athanassios Liakopoulos Kostas Kalevras Dimitrios Kalogeras TERENA Conference.

Copyright ©Universalinet.Com, LLC 2009 Implementing Secure Converged Wide Area Networks ( ISCW) Take-Aways Course 1: Cable (HFC) Technologies.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

11.59 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,

Access Protocols PPP vs. DHCP Chapter 5. Overview PPP DHCP User identities Assignment of IP addresses Assignment of other parameters.

VIRTUAL PRIVATE NETWORK By: Tammy Be Khoa Kieu Stephen Tran Michael Tse.

Hands-On Microsoft Windows Server Introduction to Remote Access Routing and Remote Access Services (RRAS) –Enable routing and remote access through.

IPv6 for ISP Industry Sify Technologies Ltd Somasundaram Padmanabhan Network Engineering IPv6 Awareness Workshop.

Network access security methods Unit objective Explain the methods of ensuring network access security Explain methods of user authentication.

1 Chapter 3: Multiprotocol Network Design Designs That Include Multiple Protocols IPX Design Concepts AppleTalk Design Concepts SNA Design Concepts.

L2TP Chapter 7. Motivation Sometimes we want to tunnel one protocol over another protocol –Maybe the network does not understand how to forward that protocol.

© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—16-1 Lesson 16 Easy VPN Remote—Small Office/Home Office.

Remote Access and Long-Distance Communications. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Typical Telephone.

PANA in DSL networks draft-morand-pana-panaoverdsl-00.txt Lionel Morand Roberta Maglione John Kaippallimalil Alper Yegin IETF-67, San Diego.

Windows Vista Configuration MCTS : Advanced Networking.

KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY IT375 Window Enterprise Administration Course Name – IT Introduction to Network Security Instructor.

Jonathan Brewer Technical Director Araneo Wireless Solutions Layer 3 Tunnels for Broadband Delivery.

MTA Network Fundamental Cram Sesion

Virtual Private Networks (VPN)

Virtual Private Networks

Virtual Private Network (VPN)

Broadband Components Customer Premises Equipment(CPE)

Virtual Private Network (VPN)

PPPoE Internet Point to Point Protocol over Ethernet

Goals Introduce the Windows Server 2003 family of operating systems

VPN: Virtual Private Network

Cengage Learning: Computer Networking from LANs to WANs

Topic 12: Virtual Private Networks

Presentation transcript:

IPv6 over xDSL: The DIODOS Proposal Athanassios Liakopoulos Greek Research & Technology Network International IPv6 Workshop, Kopaonik, March 6 th,2005

International IPv6 Workshop - Kopaonik, March '052 Outline Introduction to DSL technology IPv6 services over DSL The DIODOS project IPv6 services in DIODOS

International IPv6 Workshop - Kopaonik, March '053 Entities involved in an xDSL environment Subscriber (xDSL User) Network Access Provider (NAP)  Responsible for the management of the copper local loop. Network Service Provider  Responsible for providing interconnection with the Internet.  May offer other added-value services.

International IPv6 Workshop - Kopaonik, March '054 Basic Network Elements Subscriber (DSL User)  PC, modem, CPE router Network Access Provider (NAP)  DSLAM, BBRAS, radius server (?) Network Service Provider  Edge router, radius server (?)

International IPv6 Workshop - Kopaonik, March '055 Implementation details xDSL modem  Encapsulates Subscribers’ traffic to ATM cells, signal (de)modulation DSL Access Multiplexer (DSLAM)  Signal (de)modulation, aggregates traffic over ATM links Broad Band Remote Access Concentrator BBRAS  Terminates the Subscribers’ ATM connections, forwards traffic to the NSP edge router. Radius Server  Contains configuration templates NSP edge router

International IPv6 Workshop - Kopaonik, March '056 Ethernet bridging over ATM The CPE forwards IP packets using multi-protocol encapsulation over ATM adaptation layer 5 (AAL5). Minimum functionality is required for CPE, aka xDSL modem (L3 unaware device). A single ATM PVC is used for IPv4/6 interconnection Subscriber’s PCs are configured with static IPv6 address, or via DHCPv6 or via auto-configuration This method does not support authentication and authorization functionality!

International IPv6 Workshop - Kopaonik, March '057 PPP over AAL5 (PPPoA) The CPE supports IPv6/4 packet forwarding and interconnects multiple systems in the Subscriber’s local network. A single PPPoA session is established over a ATM PVC allowing the CPE router to establish two PPP sessions; an IPv6 (IPCPv6) and an IPv4 (IPv4) IPv6 addresses are assigned automatically over the PPP sessions using attributes stored in a centralised radius server or a local database. The CPE can be authenticated using one of the multiple protocols, such as PAP, CHAP, MS-CHAP, EAP, etc.

International IPv6 Workshop - Kopaonik, March '058 PPP over AAL5 (PPPoA) In case the NAP and the NSP are different, the PPP sessions do not terminate at the BBRAS but at the edge router.  BBRAS = L2TP Access Concentrator (LAC)  Edge router = L2TP Network Server (LNS) Two PPP sessions are established from the CPE router, which terminate at the LNS. Address assignment and authentications methods are performed in the same was as previously but now the radius server is managed by the NSP.

International IPv6 Workshop - Kopaonik, March '059 PPP over Ethernet (PPPoE) Separate PPP sessions are established between the CPE and the BBRAS for IPv6 and IPv4 traffic.  Sessions terminate in the LNS in the NSP network (not shown).  PPP sessions may terminate in the Subscriber’s system. This allows the CPE to be L3 unaware and, thus, cheap(!) but requires specific software to be installed in the Subscribers’ systems.

International IPv6 Workshop - Kopaonik, March '0510 The DIODOS project In Greek, the word “diodos” means “passage”. Established under the authority of the Ministry of Development, the Ministry of National Education & Religious Affairs and the Ministry of Transport and Communications  Realised by the General Secretariat for Research and Technology with the support of Greek Research & Technology Network. (in greek)

International IPv6 Workshop - Kopaonik, March '0511 DIODOS objectives (?) Improve the quality of training in Greece  Enabling tele-teaching, collaboration, videoconferencing, etc  Easy access to available content, such as digital libraries, multimedia content, virtual labs, etc. Increase the penetration of broadband technology in Greece Give motives to ISPs to improve their infrastructure Create future potential Users

International IPv6 Workshop - Kopaonik, March '0512 DIODOS Entities Network Access Provider (NAP) Network Service Provider  GRNET  Provide the Internet interconnection services Accounting – Management  ISPs  Maintaining the radius servers  Accounting and billing of Subscribers

International IPv6 Workshop - Kopaonik, March '0513 Obstacles Greece-wide service  Centralised architecture, high availability Limited amount of time for implementation and deployment Management complexity  Three different entities involved  Information System had to be implemented  Lack of management tools Open to all competitive ISPs

International IPv6 Workshop - Kopaonik, March '0514 Why IPv6 support is important? “Always-on” xDSL connections require a routable IP address per subscriber  Thousands of new IPv4 addresses have to be allocated for DIODOS connections. In the hypothetical case that all the students on Aristotle University of Thessaloniki take advantage of DIODOS programme, more than 150 class C networks has to be allocated! A /9 IPv4 address has to be allocated to all Greek Universities!

International IPv6 Workshop - Kopaonik, March '0515 Why IPv6 support is important? (2) Take advantage of the experience gained from other IPv6 deployments in Greece.  GRNET provides IPv6 interconnection services since the end of  The Greek School Network (GSN) introduced IPv6 interconnection services over xDSL on a pilot basis. If DIODOS will support only IPv4 services, it may affect the impact of the other IPv6-enalbed networks.

International IPv6 Workshop - Kopaonik, March '0516 Why IPv6 support is important? (3) Exposing students to new technologies is one of the major objectives of any educational system.  New advanced services and applications may take advantage of the unique IPv6 features,  Large portion of Greek student still has not access to IPv6 technology DIODOS could become a “vehicle” to improve the educational process and further stimulate innovation.

International IPv6 Workshop - Kopaonik, March '0517 Possible IPv6-enabled implementations Use Global Unicast IPv6 and Private IPv4 addresses  Overcome the IPv4 depletion problem  Static NAT is used for IPv4 connectivity Possible scalability problems.  Problems with application protocols caring IP addresses in their payload Application-Level Gateways (ALG) are needed Affected protocols: ICMP, FTP, H.323, SNMP, DNS, NetBIOS over TCP/IP (NBT) etc. Difficulties with IPSec.

International IPv6 Workshop - Kopaonik, March '0518 Possible IPv6-enabled implementations Use open replay 6to4 servers  No solution to IPv4 depletion problem  Security configuration Tunnel Broker  More complex solution than 6to4 tunneling  No solution to IPv4 depletion problem Open VPN solutions

International IPv6 Workshop - Kopaonik, March '0519 Thank you!