TRIP: Recent Changes and Open Issues Jonathan Rosenberg, Hussein Salama, Matt Squire Pittsburgh IETF August 3, 2000.

Presentation transcript:

TRIP: Recent Changes and Open Issues Jonathan Rosenberg, Hussein Salama, Matt Squire Pittsburgh IETF August 3, 2000

Slide 2: Next Hop Server Format
– Host domain name or IP address in DNS format
   Server = host [ : port ] (RFC 1123)
   proxy.ietf.org :1725
– Open Issue: UDP/TCP
   proxy.ietf.org;transport=tcp
– Open Issue: IPv6
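The server syntax on this slide, as an added example (not code from the presentation or the TRIP drafts): a strict Python parser for `host [ : port ]` that also accepts the `;transport=` form listed as an open issue, and shows why the IPv6 open issue matters for parsing. The function name `parse_next_hop_server` and the bracketed IPv6 form are assumptions; the slide does not define an IPv6 syntax.

```python
import ipaddress
import re

# RFC 1123 host label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

def parse_next_hop_server(value):
    """Return (host, port, transport); raise ValueError on malformed input."""
    server, sep, param = value.partition(";")
    transport = None
    if sep:
        key, _, val = param.partition("=")
        transport = val.strip().lower()
        if key.strip().lower() != "transport" or transport not in ("udp", "tcp"):
            raise ValueError("unsupported parameter: %r" % param)
    server = server.strip()
    if server.startswith("["):
        # Assumption: bracketed IPv6 literal (URI style); the slide leaves IPv6 open.
        literal, closed, rest = server[1:].partition("]")
        if not closed:
            raise ValueError("unterminated IPv6 literal")
        host = str(ipaddress.IPv6Address(literal))
        rest = rest.strip()
        if rest and not rest.startswith(":"):
            raise ValueError("unexpected text after IPv6 literal")
        has_port, port_text = bool(rest), rest[1:].strip()
    else:
        if server.count(":") > 1:
            # "2001:db8::1:1725" is a valid address AND could be address + port.
            raise ValueError("unbracketed IPv6 literal is ambiguous with host:port")
        host, colon, port_text = server.partition(":")
        host, has_port, port_text = host.strip().lower(), bool(colon), port_text.strip()
        if len(host) > 253 or not all(_LABEL.fullmatch(l) for l in host.split(".")):
            raise ValueError("invalid host: %r" % host)
    port = None
    if has_port:
        if not (port_text.isascii() and port_text.isdigit() and 0 < int(port_text) < 65536):
            raise ValueError("invalid port: %r" % port_text)
        port = int(port_text)
    return host, port, transport

if __name__ == "__main__":
    # Constructed samples; the first two strings appear on the slide.
    for s in ("proxy.ietf.org :1725", "proxy.ietf.org;transport=tcp",
              "[2001:db8::1]:1725", "2001:db8::1:1725"):
        try:
            print(s, "->", parse_next_hop_server(s))
        except ValueError as exc:
            print(s, "-> rejected:", exc)
```

Rejecting the unbracketed literal, rather than guessing where the port starts, keeps two peers from resolving the same advertised next hop to different servers.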

Slide 3: Capabilities
– Current capabilities: Route Types Supported and Send Receive Capability
– IANA considerations
– Reserved capability code 0
– Capability codes to for vendor-specific capabilities
– Open Issue: making Route Types Supported mandatory
– Open Issue: adding Capability Mismatch error code

Slide 4: Communities Membership Capability
– Permits an LS to announce to its peer the communities it is interested in.
– The peer then only advertises to the LS routes of these communities.

Slide 5: Attribute Type Codes
– Assigned type codes to all attributes
– IANA considerations
– Reserved type codes 224 to 255

Slide 6: Application Protocols
– Added two new application protocols: RAS and Annex G.
– IANA considerations

Slide 7: Address Families
– Had to deviate from IANA's standard set of address families
– POTS Numbers: private, local, national, and international
   Alphabet = [0-9]
– Routing Numbers: mainly for European LNP
   Alphabet = [0-9,A-F]
– IANA considerations

Slide 8: ITAD Numbers
– Reserved ITAD numbers 0 and
– ITAD numbers to are for private use
– IANA considerations
– Proposal: use domain names instead of ITAD numbers
   Issues:
   – No need for IANA registration
   – ITAD topology restrictions
   – Effect on AdvertisementPath and RoutedPath attributes

Slide 9: MED and Tie Breaking Rules
– MED usage consistent. Higher MED is preferable
– Changed tie breaking rules to favor internal routes over external routes

Slide 10: Security Considerations
– Protection of peer sessions using IPSec
   Transparent mode security association
   Either AH or ESP
   Use IKE for key exchange
   RSA signatures and RSA public key encryption

Slide 11: Security Considerations
– Sign a selected set of attributes, always including ReachableRoutes
– Include list of signatures in Authentication attribute
– Open Issue: What signature mechanisms to use?

Slide 12: UPDATE Rate Limiting
– Recommendation: Follow the same rules as in ISIS

Slide 13: Application Protocol Manipulation
- Example: an LS receives a route with application protocol SIP, changes it to Q.931, and advertises the route to an external peer.
- Example: an LS receives a SIP route and advertises two routes to its external peer, a SIP route and a Q.931 route
- Advantage: provides for more flexible routing, but
- Requires manipulating the ReachableRoutes attribute (previously Aggregation was the only possible manipulation of ReachableRoutes)

Slide 14: Multiple TRIP IDs per LS
– An LS MUST use the same TRIP ID with all internal peers.
– Question: what's the significance of TRIP ID between external peers?

Slide 15: ITAD Boundaries
– On the link between two LSs
– On the LS itself. Splits the LS box into two (or more) Virtual LSs. Permits route summarization of TRIP-Lite routes.

Slide 16: ITAD Boundaries
[Figure: diagram labelled GW1, GW2, GW3, TRIP-Lite, LS1, LS2, LS3, Aggregation, I-TRIP, ITAD A, ITAD B]