17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition...
-
Upload
seamus-goldston -
Category
Documents
-
view
224 -
download
0
Transcript of 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition...
![Page 1: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/1.jpg)
17/10/03 1
SummarySummary
• Peer to peer applications and IPv6• Microsoft Three-Degrees • IPv6 transition mechanisms used by Three-
Degrees:6to4Teredo
![Page 2: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/2.jpg)
17/10/03 2
Peer to Peer Applications and NATs Peer to Peer Applications and NATs
• NATs break end to end• End to end communications would be useful in
a P2P context…
Private IPv4(DSL…)
NAT
Public IPv4
NAT
Private IPv4(DSL…)
P2PP2P
![Page 3: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/3.jpg)
17/10/03 3
First type of solutionFirst type of solution
• Use an intermediate server• Complex solution to design• Operation of the server is not free
Private IPv4(DSL…)
NAT
Public IPv4
NAT
Private IPv4(DSL…)
P2PP2P
Server
![Page 4: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/4.jpg)
17/10/03 4
IPv6 based solutionsIPv6 based solutions
• Simpler solution• Application is cheaper to design • No server required, but one can be used if
needed…
Customer IPv6(DSL…)
Public IPv6Customer IPv6
(DSL…)
P2PP2P
![Page 5: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/5.jpg)
17/10/03 5
Microsoft ThreeDegreesMicrosoft ThreeDegrees
• 3° is a P2P software that connects small groups of users who know and trust one another.
• Currently a beta test application on Windows XP SP1 several downloads (10 000) First feed-backs are positive
• Use IPv6 only (No IPv4), because the application is easier to design.
• http://www.threedegrees.com
![Page 6: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/6.jpg)
17/10/03 6
Three Degrees and IPv6Three Degrees and IPv6• IPv6 is not available everywhere:
It first appears as isolated islands in the IPv4 Internet Several migration techniques exist:
Dual stack Automatic tunneling: 6to4 and Teredo Configured tunnels, tunnel broker Translation Application level gateways
• Transition mechanisms bring additional complexity Only needed during transition. Most of the complexity is in the OS, not in the application. The cost for the infrastructure is low.
![Page 7: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/7.jpg)
17/10/03 7
Dual StackDual Stack
• Deploy native IPv6 in addition to IPv4 everywhere:RoutersServers: DNS, Radius…Hosts
• Slow deployment => not present everywhere• Should be a long term goal
![Page 8: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/8.jpg)
17/10/03 8
6to46to4
• Goals:Allow the interconnection of IPv6 sites through a service
provider network that only support IPv4. Connection of IPv6 sites to the IPv6 Internet through a
service provider network that only support IPv4.
• Does not require the provision of IPv6 prefixes by the ISP Use of a global IPv6 prefix for each site derived from the
site’s IPv4 global address.
![Page 9: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/9.jpg)
17/10/03 9
6to4 – Interconnection of IPv6 sites 6to4 – Interconnection of IPv6 sites
Wide Area IPv4
Network IPv6 site B
2002:9fe:fdfc::0/48 IPv6 site A
2002:c001:203::0/48
6to4 router
6to4 router
IPv4 public address : 192.1.2.3
IPv4 public address :
9.254.253.252 6to4 tunnel
IPv6 packet : Src : 2002:c001:203::5 Dst : 2002:9fe:fdfc::6
IPv6 packet : Src : 2002:c001:203::5 Dst : 2002:9fe:fdfc::6
IPv6 packet : Src : 2002:c001:203::5 Dst : 2002:9fe:fdfc::6
IPv4 header : Src: 192.1.2.3 Dst: 9.254.253.252
Corresponds to IPv4 address : 192.1.2.3
Corresponds to IPv4 address : 9.254.253.252
![Page 10: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/10.jpg)
17/10/03 10
6to4 – Access to the IPv6 Internet6to4 – Access to the IPv6 Internet
IPv6 site B 2002:9fe:fdfc::0/48
Wide Area IPv4
Network
IPv6
Internet IPv6 site A 2002:c001:203::0/48
6to4 router
6to4 relay
IPv4 public address : 192.1.2.3
IPv4 public address :
9.254.253.252 6to4 tunnel
IPv6 packet : Src : 2002:c001:203::5 Dst : 2002:9fe:fdfc::6
IPv6 packet : Src : 2002:c001:203::5 Dst : 2002:9fe:fdfc::6
IPv6 packet : Src : 2002:c001:203::5 Dst : 2002:9fe:fdfc::6
IPv4 header : Src: 192.1.2.3 Dst: 9.254.253.252
Corresponds to IPv4 address : 192.1.2.3
Corresponds to IPv4 address : 9.254.253.252
Standard IPv6 router
![Page 11: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/11.jpg)
17/10/03 11
6to4 - Limitations6to4 - Limitations
• 6to4 relays can be vulnerable to denial of service attacksFiltering is needed in relays!
• The entity that operates the 6to4 relay has little means in order to control who is using the service.
• NATs break 6to4, if they are not co-located!
![Page 12: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/12.jpg)
17/10/03 12
TEREDOTEREDO
• Goals:Provide IPv6 connectivity across one or several NATsTunneling IPv6 packets over UDPv4 through the NAT
• Client/server/relay architecture• Use of a new address format
![Page 13: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/13.jpg)
17/10/03 13
TeredoTeredo
IPv6Private IPv4
NAT
Teredo tunnel: IPv6 in UDPv4
Public IPv4
![Page 14: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/14.jpg)
17/10/03 14
Client / relay / serverClient / relay / server
Private IPv4
NAT
Client
Public IPv4
Server
Relay
6
3
2
1
4
5Public IPv6
![Page 15: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/15.jpg)
17/10/03 15
Teredo address formatTeredo address format
• Teredo IPv6 prefix• IPv4 address: global address of the server• Flags: Cone or Symmetric NAT• Port: port number to be used with the IPv4 address• The “client IPv4 field” contains the global address of
the NAT
Teredo prefix
32 bits
IPv4 @
32 bits
Flags
16 bits
Client IPv4
32 bits
Port
16 bits
![Page 16: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/16.jpg)
17/10/03 16
Teredo limitationsTeredo limitations
• Not well known yet, but probably similar to 6to4Vulnerability to DoS attacks on relay,The entity that operates the 6to4 relay has little means in
order to control who is using the serviceSome NATs are not supported
• Teredo relays are not deployed!Lack of implementation in routersTeredo prefix is not advertised in the IPv6 Internet
![Page 17: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/17.jpg)
17/10/03 17
Three Degrees and IPv6 transitionThree Degrees and IPv6 transition
• Three Degrees processes as follow: If a native IPv6 address is available on the host, use it,Else
If IPv4 addresses are public addresses, then use 6to4 NATs are not supposed to be in the way
If IPv4 addresses are private addresses, then use Teredo NAT is likely in the way.
![Page 18: 17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.](https://reader030.fdocuments.net/reader030/viewer/2022032701/56649c7b5503460f9492f6f5/html5/thumbnails/18.jpg)
17/10/03 18
Typical deploymentTypical deployment
IPv4 Internet
IPv6 + IPv4 Internet
NAT
NAT
Teredoserver
Teredorelay
6to4relay
Native IPv6
6to4 tunnel
Teredo tunnel