Draft-ietf-intarea-nat-reveal-analysis – IETF84 Analysis of Solution Candidates to Reveal a Host Identifier (HOST_ID) in Shared Address Deployments draft-ietf-intarea-nat-reveal-analysis-02.

Slides:



Advertisements
Similar presentations
NAT-PT Applicability Statement Design Team IETF #57, IETF V6OPS WG Vienna, Austria July 16, 2003.
Advertisements

Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.
Deployment Considerations for Dual-stack Lite draft-lee-softwire-dslite-deployment-00 Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed.
Security implications of Network Address Translators (NATs) (draft-gont-behave-nat-security) Fernando Gont Pyda Srisuresh UTN/FRH EMC Corporation 76th.
Network Layer Packet Forwarding IS250 Spring 2010
Controls. Chapter 9: Identifying and Analyzing Risk Mitigation Controls.
Format for the Session Initiation Protocol (SIP) Common Log Format (CLF) draft-ietf-sipclf-format-01 (G. Salgueiro, V. Gurbani, and A. B. Roach) Presenter:
SP Wi-Fi Services over Residential Architectures (draft-gundavelli-v6ops-community-wifi-svcs) IETF 84 - August, 2012 Authors: Sri Gundavelli(Cisco) Mark.
IETF 80 th 1 Analysis of Solution Candidates to Reveal the Origin IP Address in Shared Address Deployments draft-boucadair-intarea-nat-reveal-analysis-01.
Dean Cheng Jouni Korhonen Mehamed Boucadair
Application Level Control of Ports in a Service Provider NAT environment Dave Thaler Dan Wing Alain Durand 1.
1 IPFIX Protocol Specifications IPFIX IETF-59 March 3, 2004 Benoit Claise Mark Fullmer Reinaldo Penno Paul Calato Stewart Bryant Ganesh Sadasivan.
A Virtual Honeypot Framework Author: Niels Provos Published in: CITI Report 03-1 Presenter: Tao Li.
Draft-ietf-v6ops-scanning-implications-00 IPv6 Implications for Network Scanning Tim Chown University of Southampton (UK) IETF 66,
BEHAVE BOF (Behavior Engineering for Hindrance AVoidancE) Cullen Jennings Jiri Kuthan.
IETF – ECRIT Emergency Context Resolution using Internet Technologies ESW 5 – Vienna October 2008 Marc Linsner.
Jun Li DHCP Option for Access Network Information draft-lijun-dhc-clf-nass-option-01.
A VIRTUAL HONEYPOT FRAMEWORK Author : Niels Provos Publication: Usenix Security Symposium Presenter: Hiral Chhaya for CAP6103.
Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through.
Dean Cheng Jouni Korhonen Mehamed Boucadair
Real-time Flow Management 2 BOF: Remote Packet Capture Extensions Jürgen Quittek NEC Europe Ltd, Heidelberg, Germany Georg Carle GMD.
1 IETF 78: NETEXT Working Group IPSec/IKEv2 Access Link Support in Proxy Mobile IPv6 IPSec/IKEv2-based Access Link Support in Proxy Mobile IPv6 Sri Gundavelli.
AAA and Mobile IPv6 Franck Le AAA WG - IETF55. Why Diameter support for Mobile IPv6? Mobile IPv6 is a routing protocol and does not deal with issues related.
Enterprise IPv6 Transition Analysis IETF 62 IPv6 Operations Working Group March 7-11, 2005 Minneapolis, MN Presenter Jim Bound Jim Bound (Editor), Yanick.
Dean Cheng Xiaohu Xu Joel Halpern Mohamed Boucadair
IETF 81: V6OPS Working Group – Proxy Mobile IPv6 – Address Reservations 1 Reserved IPv6 Interface Identifier for Proxy Mobile IPv6 Sri Gundavelli (Cisco)
Privacy Considerations for Internet Protocols Alissa Cooper 1.
Draft-ietf-sip-dtls-srtp-framework-00 IETF 70 Vancouver.
Duplicate Address Detection Proxy (draft-costa-6man-dad-proxy-00)
IPv6 WORKING GROUP (IPv6 a.k.a. IPNGWG) August 2001 London IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.
RTCWEB Considerations for NATs, Firewalls and HTTP proxies draft-hutton-rtcweb-nat-firewall- considerations A. Hutton, T. Stach, J. Uberti.
1 Requirements for Internet Routers (Gateways) and Hosts Relates to Lab 3. (Supplement) Covers the compliance requirements of Internet routers and hosts.
1 Chapters 2 & 3 Computer Networking Review – The TCP/IP Protocol Architecture.
GROBJ Problem Statement – GROBJ BoF – IETF76 1 GROBJ BoF: Problem Statement Dan Wing, v0.3, revised: 2-Nov-2009.
1 ipv6-node-02.PPT/ 18 November 2002 / John Loughney IETF 55 IPv6 Working Group IPv6 Node Requirements draft-ietf-ipv6-node-requirements-02.txt John Loughney.
Things to Think About Eliot Lear IETF 59. What the document ISN’T This is not a requirements document –We did one of those already – RFC 3582 Not an architectural.
DHCP Option for SNMP Notifications 55 th IETF – Atlanta November 2002 draft-bakke-dhc-snmp-trap-01.txt Mark Bakke, Cisco Systems
A Framework for Session Initiation Protocol User Agent Profile Delivery (draft-ietf-sipping-config-framework-11) SIPPING – IETF 68 Mar 19, 2007 Sumanth.
1 ipv6-node-02.PPT/ 18 November 2002 / John Loughney IETF 55 IPv6 Working Group IPv6 Node Requirements draft-ietf-ipv6-node-requirements-02.txt John Loughney.
Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.
1 Review – The Internet’s Protocol Architecture. Protocols, Internetworking & the Internet 2 Introduction Internet standards Internet standards Layered.
Behcet Sarikaya Frank Xia July 2009 Dual-stack Lite Mobility Solutions IETF-75
IETF70, Vancouver, December 2007draft-wing-sip-identity-media-011 SIP Identity using Media Path draft-wing-sip-identity-media-01 Dan Wing,
MPTCP proxy mechanisms (draft-wei-mptcp-proxy-mechanism-00)
V6OPS WG IETF-72 IPv6 in Broadband Networks draft-kaippallimalil-v6ops-ipv6-bbnet Presented by: David Miles Kaippallimalil John Frank Xia July 2008.
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: IETF Liaison Report Date Submitted: May 14, 2009 Presented at IEEE session.
IPFIX Requirements: Document Changes and New Issues Raised Jürgen Quittek, NEC Benoit Claise, Cisco Tanja Zseby, Sebstian Zander, FhG FOKUS.
DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris.
PANA in DSL networks draft-morand-pana-panaoverdsl-00.txt Lionel Morand Roberta Maglione John Kaippallimalil Alper Yegin IETF-67, San Diego.
Dhc WG 3/2/2004, IETF 59, Seoul. 3/2/2004dhc WG - IETF 59, Seoul2 Agenda Administrivia, Agenda bashing Ralph Droms 05 minutes DHCP Option for Proxy Server.
Computer Network Architecture Lecture 7: OSI Model Layers Examples II 1 26/12/2012.
IPv6 Working Group IETF55 Atlanta November URL for Thermometer
1 Introduction IETF RFC1752 – a specification for a next-generation IP (IPng) IETF RFC2460 – IPv6 specification Designed to accommodate the highest speed.
Deploying Dual-Stack Lite in IPv6 Network draft-boucadair-dslite-interco-v4v6-04 Mohamed Boucadair
Host Identifier Revocation in HIP draft-irtf-hiprg-revocation-01 Dacheng Zhang IETF 79.
GRE-in-UDP Encapsulation
Firewalls.
IETF 55 IPv6 Working Group IPv6 Node Requirements
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
IETF57 Vienna July 2003 Bob Hinden & Margaret Wasserman Chairs
iSCSI X-key for enhanced supportability
IPv4 Support for Proxy Mobile IPv6 Ryuji Wakikawa & Sri Gundavelli
Firewalls Purpose of a Firewall Characteristic of a firewall
NAT (Network Address Translation)‏
Logical Interface Support for IP Hosts
draft-ietf-bier-ipv6-requirements-01
IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec
IPv6 Current version of the Internet Protocol is Version 4 (v4)
M. Boucadair, J. Touch, P. Levis and R. Penno
Presentation transcript:

draft-ietf-intarea-nat-reveal-analysis – IETF84 Analysis of Solution Candidates to Reveal a Host Identifier (HOST_ID) in Shared Address Deployments draft-ietf-intarea-nat-reveal-analysis-02 IETF84 – August Authors: Mohamed Boucadair, Joe Touch, Pierre Levis, Reinaldo Penno Presenter: Dan Wing

draft-ietf-intarea-nat-reveal-analysis – IETF84 Steps to Success 1.There is a engineering problem 2.Discuss solutions 3.Engineer the best solution 2

draft-ietf-intarea-nat-reveal-analysis – IETF84 Steps to Success 1.There is a engineering problem 2.Discuss solutions 3.Engineer the best solution 3

draft-ietf-intarea-nat-reveal-analysis – IETF84 1. There Is an Engineering Problem RFC6269, “Issues with IP Address Sharing” – draft-ietf-intarea-shared-addressing-issues – Section 13.1, Abuse Logging and Penalty Boxes 4

draft-ietf-intarea-nat-reveal-analysis – IETF84 RFC6269, Section one user who fails a number of login attempts may block out other users who have not made any previous attempts but who will now fail on their first attempt.... 5

draft-ietf-intarea-nat-reveal-analysis – IETF84 IP Reputation 6 Image source: Jason Fesler, Yahoo!

draft-ietf-intarea-nat-reveal-analysis – IETF84 Captcha challenge 7

draft-ietf-intarea-nat-reveal-analysis – IETF84 Steps to Success 1.There is a engineering problem – Problem documented in RFC6269, Section Discuss solutions 3.Engineer the best solution 8

draft-ietf-intarea-nat-reveal-analysis – IETF84 2. Discuss Solutions (1/2) Collect proposed solutions Analyze differences Recommend best solution Previous examples of solution discussions – “Recommendation for a Routing Architecture”, RFC6115, recommendation: ILNP – “Requirements and Analysis of Media Security Management Protocols”, RFC5479, recommendation: DTLS-SRTP 9

draft-ietf-intarea-nat-reveal-analysis – IETF84 2. Discuss Solutions (2/2) draft-ietf-intarea-nat-reveal-analysis 8 solutions analyzed: 1.IPID field 2.IP option 3.Port sets 4.ICMP 5.TCP option 6.PROXY protocol 7.Host Identity Protocol (HIP) 8.Inject Application Headers (e.g., X-Forwarded-For) 10

draft-ietf-intarea-nat-reveal-analysis – IETF84 Steps to Success 1.There is a engineering problem – Problem documented in RFC6269, Section Discuss solutions – draft-ietf-intarea-nat-reveal-analysis 3.Engineer the best solution 11

draft-ietf-intarea-nat-reveal-analysis – IETF84 3. Engineer the best solution First need consensus on the best solution We aren’t yet ready 12

draft-ietf-intarea-nat-reveal-analysis – IETF84 Some Questions for the WG 1.Consensus on problem in RFC6269 §13.1? 2.“Just Deploy IPv6” – Does this avoid problem in RFC6269 §13.1? – Current trajectory is 50% IPv6 in 6 years 3.Are there more than 8 solutions? 4.Disagreement that ietf-intarea-nat-reveal- analysis should recommend a best solution 13

draft-ietf-intarea-nat-reveal-analysis – IETF84 Thank you draft-ietf-intarea-nat-reveal-analysis 14

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.