Ingress Filtering, Site Multihoming, and Source Address Selection

1 Ingress Filtering, Site Multihoming, and Source Address Selection
- draft-draves-ipngwg-ingress-filtering-00
- Richard Draves
- May 31, 2001
- Redmond Interim IPv6 WG Meeting

2 The Problem
- Multi-homed site
- Site prefix from each ISP
- ISPs perform source-address-based ingress filtering
- Routing within site is based on destination address – egress is independent of source address.
- => No connectivity to some destinations.

3 Possible Solutions
- Tunneling between egress routers
- Simplify – sites with one link
- Prefix policy configuration
- New ICMP error

4 Tunneling between Egress Routers
- Site egress routers inspect the source address
- Tunnel packets to other egress router
- Pro – No changes in hosts
- Con – inefficient routing
- Con – requires router configuration

5 Sites with One Link
- Suppose site has one link with multiple ISP routers,
- Each ISP router advertises only its own prefix,
- Then router choice could influence source address selection if hosts remember which router advertised the prefix used to generate each address.

6 Discussion
- Pro – fairly simple change to hosts
- Con – limited applicability
- Can be generalized to site networks where each internal router only forwards towards one egress.

7 Prefix Policy Configuration
- Use prefix policy table configuration to control choice of source address for different destination prefixes.
- Pro – uses existing mechanism.
- Con – need to understand how intrasite routing partitions destination space. This partition likely not constant across time or site topology.
- Con – need to distribute policies to hosts. In RAs?

8 New ICMP Error
- Destination-unreachable due to source filter, supplies the required prefix.
- Allow list of prefixes?
- Host can associate this prefix with a destination address and use it to influence source address selection.
- Analogous to PMTU discovery
- Except first router should be most restrictive.

9 Issue – TCP interaction
- This doesn’t help the first packet sent to a destination.
- Must modify TCP to recognize this error in response to a SYN and redo source address selection.
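The following is an added example, not part of the original slides or the draft: a small model of the failure and of the proposed error-driven recovery, in which the first packet is filtered and the host then redoes source address selection. The documentation prefixes, the route table, and the names `egress_for`, `isp_ingress` and `Host` are assumptions made for illustration; the error is modelled as a return value, not as a wire format.

```python
import ipaddress as ip

# Constructed topology on documentation prefixes (assumptions, not from the slides).
ISP_PREFIX = {"A": ip.ip_network("2001:db8:a::/48"),
              "B": ip.ip_network("2001:db8:b::/48")}
# Intra-site routes: destination prefix -> egress ISP. D's prefix exits via ISP A.
SITE_ROUTES = [(ip.ip_network("2001:db8:d000::/36"), "A"),
               (ip.ip_network("::/0"), "B")]

def egress_for(dst):
    """Longest-prefix match on the destination only; the source plays no part."""
    matches = [(net, isp) for net, isp in SITE_ROUTES if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def isp_ingress(isp, src):
    """Source-address filter at the ISP edge. Returns None when the packet
    passes, otherwise the prefix the source must belong to (modelling the
    payload of the proposed error; this is not a wire format)."""
    required = ISP_PREFIX[isp]
    return None if src in required else required

class Host:
    def __init__(self, addresses):
        self.addresses = [ip.ip_address(a) for a in addresses]
        self.required = {}  # destination -> prefix learned from an error

    def select_source(self, dst):
        prefix = self.required.get(dst)
        for addr in self.addresses:
            if prefix is None or addr in prefix:
                return addr
        raise LookupError(f"no local address inside {prefix}")

    def send(self, dst, max_tries=2):
        """Return (source that got through or None, outcome of each attempt)."""
        dst, outcomes = ip.ip_address(dst), []
        for _ in range(max_tries):
            src = self.select_source(dst)
            required = isp_ingress(egress_for(dst), src)
            if required is None:
                outcomes.append("delivered")
                return src, outcomes
            outcomes.append(f"filtered, need {required}")
            self.required[dst] = required  # cached per destination, as with PMTU
        return None, outcomes

if __name__ == "__main__":
    host = Host(["2001:db8:b::10", "2001:db8:a::10"])  # B1 preferred, then A1
    print(host.send("2001:db8:d000::1"))  # first attempt filtered, retry succeeds
    print(host.send("2001:db8:d000::1"))  # cache hit: correct source first time
```
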

10 Issue – Routing the error
[Diagram labels: ISP A, ISP B, Site, A1, B1; packet with dst D, src B1]
- If ISP A sends the error to B1, then it will take a circuitous route back to the host.

11 Error Routing Solutions
- Force this particular ICMP error back out incoming interface?
- Send the ICMP error using a routing header with an intermediate destination, which is an anycast address equal to the site prefix?
- Assumptions:
  - anycast address assigned to all routers in site using site prefix
  - convex routing within the site.

12 New ICMP Error w/ Routing Header
- Pro – like PMTU discovery, good robustness
- Con – like PMTU discovery, first packet is dropped
- Con – additional mechanism

