17/10/03 Euronetlab – Implementation of Teredo


2 Euronetlab – Implementation of Teredo
Konstantin.Kabassanov@lip6.fr
Vladimir.ksinant@6wind.com
Vincent.Jardin@6wind.com

3 Summary
- Peer to peer applications and IPv6
- Microsoft Three-Degrees
- IPv6 transition mechanisms used by Three-Degrees:
  - 6to4
  - Teredo
- Teredo implementation
- Next steps

4 Peer to Peer Applications and NATs
- NATs break end to end
- End to end communications would be useful in a P2P context…
[Diagram labels: Private IPv4 (DSL…), NAT, Public IPv4, NAT, Private IPv4 (DSL…), P2P]

5 First type of solution
- Use an intermediate server
- Complex solution to design
- Operation of the server is not free
[Diagram labels: Private IPv4 (DSL…), NAT, Public IPv4, NAT, Private IPv4 (DSL…), P2P, Server]

6 IPv6 based solutions
- Simpler solution
- Application is cheaper to design
- No server required, but one can be used if needed…
[Diagram labels: Customer IPv6 (DSL…), Public IPv6, Customer IPv6 (DSL…), P2P]

7 Microsoft ThreeDegrees
- 3° is a P2P software that connects small groups of users who know and trust one another.
- Currently a beta test application on Windows XP SP1
  - several downloads (10 000)
  - First feed-backs are correct
- Uses IPv6 only (no IPv4), because the application is easier to design.
- http://www.threedegrees.com

8 Three Degrees and IPv6
- IPv6 is not available everywhere: it first appears as isolated islands in the IPv4 Internet
- Several migration techniques exist:
  - Dual stack
  - Automatic tunneling: 6to4 and Teredo
  - Configured tunnels, tunnel broker
  - Translation
  - Application level gateways
- Transition mechanisms bring additional complexity
  - Only needed during transition.
  - Most of the complexity is in the OS, not in the application.
  - The cost for the infrastructure is low.

9 Dual Stack
- Deploy native IPv6 in addition to IPv4 everywhere:
  - Routers
  - Servers: DNS, Radius…
  - Hosts
- Slow deployment => not present everywhere
- Should be a long term goal

10 6to4
Goals:
- Allow the interconnection of IPv6 sites through a service provider network that only supports IPv4.
- Connection of IPv6 sites to the IPv6 Internet through a service provider network that only supports IPv4.
- Does not require the provision of IPv6 prefixes by the ISP
- Use of a global IPv6 prefix for each site, derived from the site’s IPv4 global address.

11 6to4 – Interconnection of IPv6 sites

12 6to4 – Access to the IPv6 Internet

13 6to4 - Limitations
- 6to4 relays can be vulnerable to denial of service attacks
  - Filtering is needed in relays!
- The entity that operates the 6to4 relay has little means to control who is using the service.
- NATs break 6to4, if they are not co-located!
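
Added example, not part of the original slides: a sketch of the relay-side filtering the slide calls for, applied to IPv6-in-IPv4 packets arriving at a 6to4 relay. The specific checks and the list of non-global IPv4 ranges are assumptions, of the kind discussed in RFC 3964 (security considerations for 6to4); the packets are constructed samples using documentation addresses.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.IPv6Network("2002::/16")
# IPv4 ranges that cannot be a legitimate global 6to4 site address.
NON_GLOBAL_V4 = [ipaddress.IPv4Network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def embedded_v4(v6):
    """IPv4 address in bits 16..47 of a 2002::/16 address, else None."""
    if v6 not in SIX_TO_FOUR:
        return None
    return ipaddress.IPv4Address(v6.packed[2:6])


def non_global(v4):
    return any(v4 in net for net in NON_GLOBAL_V4)


def relay_accepts(outer_src, inner_src, inner_dst):
    """Check one IPv6-in-IPv4 packet arriving on the relay's IPv4 side.

    Returns (accepted, reason)."""
    outer = ipaddress.IPv4Address(outer_src)
    src = ipaddress.IPv6Address(inner_src)
    dst = ipaddress.IPv6Address(inner_dst)
    if non_global(outer):
        return False, "outer IPv4 source is not global unicast"
    src_v4 = embedded_v4(src)
    if src_v4 is None:
        return False, "inner source is not a 6to4 address"
    if src_v4 != outer:
        return False, "embedded IPv4 does not match outer source"
    dst_v4 = embedded_v4(dst)
    if dst_v4 is not None and non_global(dst_v4):
        return False, "destination embeds a non-global IPv4 address"
    return True, "ok"


# Constructed packets (outer IPv4 src, inner IPv6 src, inner IPv6 dst).
PACKETS = [
    ("198.51.100.7", "2002:c633:6407::1", "2001:db8::80"),
    ("203.0.113.9", "2002:c633:6407::1", "2001:db8::80"),
    ("10.0.0.5", "2002:a00:5::1", "2001:db8::80"),
    ("198.51.100.7", "2002:c633:6407::1", "2002:7f00:1::1"),
]

if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt, "->", relay_accepts(*pkt))
```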

14 TEREDO
Goals:
- Provide IPv6 connectivity across one or several NATs
- Tunneling IPv6 packets over UDPv4 through the NAT
- Client/server/relay architecture
- Use of a new address format

15 Teredo
[Diagram labels: IPv6, Private IPv4, NAT, Teredo tunnel: IPv6 in UDPv4, Public IPv4]

16 Client / relay / server
[Diagram labels: Private IPv4, NAT, Client, Public IPv4, Server, Relay, Public IPv6; exchange steps numbered 1 to 6]

17 Teredo address format
- Teredo IPv6 prefix
- IPv4 address: global address of the server
- Flags: Cone or Symmetric NAT
- Port: port number to be used with the IPv4 address
- The “client IPv4 field” contains the global address of the NAT

Fields, as listed on the slide:
  Teredo prefix   32 bits
  IPv4 @          32 bits
  Flags           16 bits
  Client IPv4     32 bits
  Port            16 bits
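
Added example, not part of the original slides: a decoder that recovers the server address, NAT type flag, and the NAT's external address and port from a Teredo address seen in a log. The wire order (port before client IPv4), the all-ones XOR on port and client address, and the cone flag bit follow RFC 4380, the later published specification; applying that layout to the 3ffe:831f::/32 prefix shown on the FreeBSD slide is an assumption, and the sample addresses are constructed.

```python
import ipaddress
import struct

# 3ffe:831f::/32 is the prefix routed on the FreeBSD slide;
# 2001::/32 is the prefix assigned later in RFC 4380.
TEREDO_PREFIXES = (
    ipaddress.IPv6Network("3ffe:831f::/32"),
    ipaddress.IPv6Network("2001::/32"),
)
CONE_FLAG = 0x8000  # high bit of the flags field (RFC 4380)


def decode_teredo(addr):
    """Return the fields embedded in a Teredo address, or None."""
    ip = ipaddress.IPv6Address(addr)
    if not any(ip in net for net in TEREDO_PREFIXES):
        return None
    # Assumed RFC 4380 order: prefix, server IPv4, flags, port, client IPv4.
    _prefix, server, flags, port, client = struct.unpack("!IIHHI", ip.packed)
    return {
        "server_ipv4": str(ipaddress.IPv4Address(server)),
        "cone_nat": bool(flags & CONE_FLAG),
        # Port and client address are stored XORed with all-ones.
        "nat_port": port ^ 0xFFFF,
        "nat_ipv4": str(ipaddress.IPv4Address(client ^ 0xFFFFFFFF)),
    }


def annotate(log_addresses):
    """Map each logged IPv6 source to its decoded NAT endpoint (or None)."""
    return {a: decode_teredo(a) for a in log_addresses}


# Constructed sample addresses (documentation IPv4 ranges), not real traffic.
SAMPLES = [
    "3ffe:831f:c633:6407:8000:63bf:3fff:fdd2",
    "2001:0:c633:6407:0:efff:34ff:8ef5",
    "2001:db8::1",  # not a Teredo address
]

if __name__ == "__main__":
    for addr, fields in annotate(SAMPLES).items():
        print(addr, "->", fields)
```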

18 Teredo limitations
- Not well known yet, but probably similar to 6to4:
  - Vulnerability to DoS attacks on relay
  - The entity that operates the 6to4 relay has little means to control who is using the service
- Some NATs are not supported
- Teredo relays are not deployed!
- Lack of implementation in routers
- Teredo prefix is not advertised in the IPv6 Internet

19 Three Degrees and IPv6 transition
Three Degrees proceeds as follows:
- If a native IPv6 address is available on the host, use it,
- Else:
  - If IPv4 addresses are public addresses, then use 6to4 (NATs are not supposed to be in the way)
  - If IPv4 addresses are private addresses, then use Teredo (NAT is likely in the way).

20 Typical deployment
[Diagram labels: IPv4 Internet, IPv6 + IPv4 Internet, NAT, Teredo server, Teredo relay, 6to4 relay, Native IPv6, 6to4 tunnel, Teredo tunnel]

21 Euronetlab contribution
- We implemented a Teredo Relay Server
  - Implementation available on FreeBSD as a freeware: http://www-rp.lip6.fr/teredo/
  - Being reviewed before committing in the FreeBSD repository.
- We implemented an extension to the Ethereal traffic analyzer.
  - It has been committed and the current version of Ethereal has it.
- We performed small scale tests
  - LIP6, 6WIND France and 6WIND Singapore

22 FreeBSD implementation
- Relay and Server support draft-huitema-v6ops-teredo-00.txt
- Based on the Netgraph technology: node ng_teredo reuses two nodes, ng_ksocket, which provides the UDP layer, and ng_iface, which provides the IPv6 routability.
- Routing is based on a route via a Teredo interface that can be announced into the IGP or EGP:
    route 3ffe:831f::/32 via ng0
[Diagram labels: ng_iface (ng0), IPv6 stack, ng_teredo (relay or server), upstream hook, inet6 hook, ng_ksocket UDP/3544, Primary Address, IPv4 stack, Secondary Address, IPv4 stack, downstream hook, secondary hook, inet/dgram/udp hook]

23 Tests
[Diagram labels: 6WIND France, NAT, Windows XP, Public IPv4, 6200 Relay/Server, Public IPv6, www.ipv6.6wind.com, 6WIND Singapore, NAT, LIP6, NAT, XP, LIP6 Relay/Server, www.ipv6.lip6.fr, teredo.ipv6.6wind.com, 195.220.208.2, 195.220.208.3, 132.227.72.198, 132.227.72.199, WEBv6, 3°]


25 Next steps
- Take into account feed-back from users
- Organize larger scale tests
- Deploy in ISP networks
- Is security adequate for ISP networks?
- Propose evolutions if required
- Client implementation?
- Euronetlab communication actions?

