1 / 16

Communicating Globally Using Private IP Addresses

Communicating Globally Using Private IP Addresses. Lauri Virtanen. Supervisor: Professor Raimo Kantola Instructor: Lic.Sc.(Tech.) Nicklas Beijar Faculty of Electronics, Communications and Automation Department of Communications and Networking October 29th, 2009. Agenda

Télécharger la présentation

Communicating Globally Using Private IP Addresses

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CommunicatingGloballyUsingPrivate IP Addresses Lauri Virtanen Supervisor: Professor Raimo Kantola Instructor: Lic.Sc.(Tech.) Nicklas Beijar Faculty of Electronics, Communications and Automation Department of Communications and Networking October 29th, 2009

  2. Agenda • Backround & Objectives • Network Address Translation (NAT) • Domain Name System (DNS) • Customer Edge Switching (CES) Concept • CES Prototype • Evaluation • Conclusions

  3. Backround & Objectives • The growing of Internet has generated problems • The run out of IPv4 addresses • Weak deployment of IPv6 addressing • Oversizing routing tables • Reachability problem • A new architecture model needed to solve the current problems

  4. Network Address Translation (NAT) • An edge device that relays packets • Changes address and port information from outgoing and incoming packets • Traffic originates from inside to outside direction • Inbound connection not possible -> reachability problem

  5. Domain Name System (DNS) • Main use is solving domain names to IP addresses • In DNS, data is stored in resource records (RR) • E.g. A-type RR: domain_name _Host_A <-> IPv4_address_Host_A

  6. Customer Edge Switching (CES) Concept • CES is a model for the future Internet • Idea to solve the reachability problem • Idea to prevent IPv4 addresses from extinction by using them privately • Removes the need for IPv6 and also increases security • CES is aimed to be implemented with as little modification as necessary in the existing equipments • Modifications allowed in DNS and NAT, hosts remain the same • Aims at dividing the ownership of network into reasonable pieces: Trust domains (corporate networks, operator networks)

  7. CES architecture: • Routing independent in every Trust domain • Network elements: host, CES, PE, DNS • Identities are known only in its respective private network • E.g. Identity of Host X is kept in its home CES device (CES X) and also in the DNS

  8. CES Network Elements Explained • Host: • Basic IPv4 stacked • CES: • NAT extension containing its features: mappings and tables • Contains information of all the registered hosts (HRL) • Address pool of IPv4 addresses • Hash calculating algorithm • DNS: • Needs a new resource record (RR) type: • domain_name_Host_X = Address_CES_X + hash_Host_X • E.g. host_x.foobar = MAC_CES_X + 1234

  9. CES Prototype • The implemented prototype differs slightly from CES concept • No PE devices • Prototype built on virtual PCs running Linux/Debian • Programming done with Python • DNS executed with DNSPython toolkit • Packet generating, sending and receiving done with Scapy

  10. Network Diagram: • 2 Hosts, 2 CES devices and DNS • IP routing (layer 3) in customer networks • Ethernet (layer 2) based routing in public network

  11. Evaluation • CES can be implemented with only a few modifications in the existing infrastructure • Only NAT and DNS need modifications • Hosts are still IPv4 stacked computers • CES works with most of the common protocols • According to testing, CES works with TCP, UDP, ICMP, HTTP and SSH • Still lacks compatibility with FTP and SIP

  12. Test Results • FTP and SIP fail as private addresses are placed in payload fields • FTP and SIP does not work with two NATs (or CESs) • Packet modification in CES could solve this

  13. Conclusions • The prototype proves the functioning of CES concept • CES solves the reachability problem • CES reuses IPv4 addresses effectively • CES excludes the need for IPv6 addresses • CES enhances security • No modification needed in end-hosts

  14. Future Research • Connecting CES prototype to other networks • Modification of CES prototype • Designing and choosing algorithms for calculating IDs

  15. Thank You!

More Related