Multi-homing Considerations for DOTS Prague, July 2017
|
|
- Barnaby Hicks
- 5 years ago
- Views:
Transcription
1 Multi-homing onsiderations for DOT Prague, July 2017 M. Boucadair (Orange) T. Reddy (McAfee) 1
2 Objectives omplete the base DOT architecture with multihoming specifics Identify DOT deployment schemes in a multi-homing context Where the upstream transit provider(s) is offering DDo mitigation service Without recommending any favorite scheme ketch guidelines and recommendations for placing DOT requests in multi-homed networks, e.g.,: elect the appropriate DOT server(s) Identify cases where anycast is not recommended 2
3 Why is This Document Needed? end a DOT mitigation request to an arbitrary DOT server won t help mitigating a DDo attack Blindly forking all DOT mitigation requests among all available DOT servers is suboptimal equentially contacting DOT servers may increase the delay before a mitigation plan is enforced Guidance is therefore needed for DOT client/gateway implementations 3
4 Methodology Rely upon draft-ietf-dots-use-case to identify and extract viable deployment candidates Augment the description with multi-homing technicalities, e.g., One vs. multiple upstream network providers One vs. multiple interconnect routers Provider-Independent (PI) vs. Provider-Aggregatable (PA) Describe the recommended behavior of DOT clients and gateways for each case 4
5 ample Multi-Homing cenarios 1 2 R2 Provider 3 4 H1 PLMN R2 H2 LAN PE Fixed Access e.g., Enterprise s Residential PE 5
6 DOT in Multi-Homed s: erver ide DOT service can be offered by all or a subset of upstream providers, e.g., H1 PLMN H2 LAN PE Fixed Access The The server can can be be reached only from this this network H1 PLMN R2 H2 LAN PE Fixed Access 6
7 DOT in Multi-Homed s: lient ide Decides whether a request from is to be forked or not. Then, it forwards it to the appropriate server(s) G R2 R2 G G Provider Provider It decide whether a request is to be forwarded or not to its upstream server G R2 G H2 H1 LAN PE PLMN Fixed Access 7
8 Typical DOT Associations ingle PE, Multiple Upstream IPs Residential PE G Multiple PEs, Multiple Upstream IPs G2 1 2 G1 Guidance and recommendations are further elaborated in the draft ee the sample in the next slide 1 G2 G1 1 2 ingle upstream IP 8
9 ample Recommendations 1 2 The DOT client MUT be able to associate a DOT server with each upstream network The DOT client MUT resolve the DOT server's name provided by an upstream network using the DN servers learned from the same network The DOT client MUT use the source address selection algorithm as per RF6724 to select the candidate source addresses to contact each of these DOT servers DOT signaling sessions MUT be established and maintained with each of the DOT servers because the mitigation scope of these servers is restricted When conveying a mitigation request to protect the attack target(s), the DOT client among the DOT servers available MUT select a DOT server whose network has assigned the prefixes from which target prefixes and target IP addresses are derived 9
10 amples where Anycast is not Recommended PI G R2 G PA G R2 G Do traffic is still received from NP2 Do traffic is still received from NP2 10
11 Next teps ontributions are welcome onsider adopting this document as a WG to complement the DOT Architecture Questions? 11
DOTS Server(s) Discovery
DOTS Server(s) Discovery https://tools.ietf.org/html/draft-boucadair-dots-server-discovery Prague, July 2017 M. Boucadair (Orange) T. Reddy (McAfee) P. Patil (Cisco) 1 Context & Motivation A DOTS client
More informationArchitectural Approaches to Multi-Homing for IPv6
Architectural Approaches to Multi-Homing for IPv6 A Walk-Through of draft-huston-multi6-architectures-00 Geoff Huston June 2004 Recap Multi-Homing in IPv4 Either: Or: Obtain a local AS Obtain PI space
More informationProblem space matrix based on the guideline* Crossing IPv4 Island
Problem space matrix based on the guideline* Crossing IPv4 Island IPv6-Only Core Network Stateful RFC5571 (L2TP) DS-Lite (draft) Stateless RFC5969 (6rd) Our target 4rd (to be STD) (draft-despres-intarea-4rd)
More informationMultihoming. Copy Rights
Multihoming or provider independent addressing (possible usage) János Mohácsi NIIF/HUNGARNET Copy Rights This slide set is the ownership of the 6DISS project via its partners The Powerpoint version of
More informationMethods for Detection and Mitigation of BGP Route Leaks
Methods for Detection and Mitigation of BGP Route Leaks ietf-idr-route-leak-detection-mitigation-00 (Route leak definition: draft-ietf-grow-route-leak-problem-definition) K. Sriram, D. Montgomery, and
More informationEnhanced Feasible-Path Unicast Reverse Path Filtering draft-sriram-opsec-urpf-improvements-01
Enhanced Feasible-Path Unicast Reverse Path Filtering draft-sriram-opsec-urpf-improvements-01 K. Sriram and D. Montgomery OPSEC Working Group Meeting, IETF-99 July 2017 Acknowledgements: The authors are
More informationRID IETF Draft Update
RID IETF Draft Update Kathleen M. Moriarty INCH Working Group 29 March 2005 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions,
More informationAPT Incremental Deployment
APT Incremental Deployment Dan Jen, Michael Meisel, Daniel Massey, Lan Wang, Beichuan Zhang, Lixia Zhang http://www.cs.ucla.edu/~meisel/draft-apt-incremental-00.txt 1 Why This Talk Incrememtal deployability
More informationAPT: A Practical Transit-Mapping Service Overview and Comparisons
APT: A Practical Transit-Mapping Service Overview and Comparisons draft-jen-apt Dan Jen, Michael Meisel, Dan Massey, Lan Wang, Beichuan Zhang, and Lixia Zhang The Big Picture APT is similar to LISP at
More informationPRACTICAL IPV6 DEPLOYMENT FOR THE MASS MARKET
PRACTICAL IPV6 DEPLOYMENT FOR THE MASS MARKET Kristoffer Larsen Network Development Engineer kri@telia.net THE HISTORY OF MASS MARKET IPV6 WITHIN TELIA COMPANY On fixed access Telia Company launched an
More informationAdvisory Guidelines for 6to4 Deployment
Advisory Guidelines for 6to4 Deployment draft-carpenter-v6ops-6to4[-teredo]-advisory-03 Brian Carpenter March 2011 1 Acknowledgements Very useful and practical input from at least 20 people: Emile Aben,
More informationEnterprise Multihoming using Provider-Assigned Addresses without Network Prefix Translation: Requirements and Solution
Enterprise Multihoming using Provider-Assigned Addresses without Network Prefix Translation: Requirements and Solution Draft-bowbakova-rtgwg-enterprise-pa-multihoming-00 F. Baker, C. Bowers, J. Linkova
More informationVERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 4 4TH QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q4 2017 4 DDoS
More informationRunning A Highly Scaled Registry DNS Platform. ICANN 55 Tech Day Anycast Panel Chris Griffiths -
ICANN 55 Tech Day Anycast Panel Chris Griffiths - chris.griffiths@nominet.uk 1 About Nominet WE ARE AN INTERNATIONAL INTERNET COMPANY DELIVERING PUBLIC BENEFIT As an operator of one of the largest Registries
More informationProxy Mobile IPv6 draft-ietf-netlmm-proxymip6-01.txt
Proxy Mobile IPv6 draft-ietf-netlmm-proxymip6-01.txt NETLMM WG, IETF 69 Sri Gundavelli (sgundave@cisco.com) Kent Leung (kleung@cisco.com) Vijay Devarapalli (vijay.devarapalli@azairenet.com) Kuntal Chowdhury
More informationNetwork-Assisted MPTCP
IETF 98 th Network-Assisted IETF#98, Chicago, March 2017 M. Boucadair (Orange) C. Jacquenet (Orange) O. Bonaventure (Tessares) W. Henderickx (ALU/Nokia) R. Skog (Ericsson) D. Behaghel (OneAccess) S. Secci
More informationIPv6 implementation in a multi-vendor network.
IPv6 implementation in a multi-vendor network. Roque Gagliano www.antel.com.uy Agenda motivation. first experience. backbone deployment. addressing. routing. multi-vendor environment. conclusion / next
More informationPrefix Pool Option for DHCPv6 Relay Agents on Provider Edge Routers
Prefix Pool Option for DHCPv6 Relay Agents on Provider Edge Routers draft-yeh-dhc-dhcpv6-prefix-pool-opt-05 IETF 81 DHC Jul. 28 th, 2011 Leaf Yeh & Tina Tsou Huawei Technologies Mohamed Boucadair - France
More informationUnicast Reverse Path Forwarding Loose Mode
The feature creates a new option for Unicast Reverse Path Forwarding (Unicast RPF), providing a scalable anti-spoofing mechanism suitable for use in multihome network scenarios. This mechanism is especially
More informationThe Design Space of Network Mobility
The Design Space of Network Mobility Key ideas Network Mobility Seamless Mobility Overview of implementations and challenges Geomorphic model New abstraction for the network stack Helps us discuss, understand
More informationConverged World. Martin Capurro
Information Management in a Converged World Martin Capurro Qwest Product Management Agenda I. Changes In Information Technology II. III. IV. Exploring Technology Trends vs. Needs What is the Buying Opportunity
More informationRecommendations for DNS Privacy Service Operators
Recommendations for DNS Privacy Service Operators Presenter: Sara Dickinson sara@sinodun.com Co-authors: Roland van Rijswijk-Deij, Allison Mankin, Benno Overeinder 1 Brief history of DNS Privacy Date 2
More informationExperiences in Setting Up Automatic Home Networking. Jari Arkko Ericsson Research
Experiences in Setting Up Automatic Home Networking Jari Arkko Ericsson Research 1 Background This is NOT about home gateway routers And NOT about ISPs and their IPv6 services But it IS about IPv6 networks
More informationIPv6 DOTS Signal Option
IPv6 DOTS Signal Option draft-francois-dots-ipv6-signal-option-01 Jérôme François, Inria, jerome.francois@inria.fr Abdelkader Lahmadi, Université de Lorraine, abdelkader.lahmadi@loria.fr Marco Davids,
More informationIPv6 Multi-Prefix Environment ~ Concept, Issues, and Solutions ~
IPv6 Multi-Prefix Environment ~ Concept, Issues, and Solutions ~ APNIC Meeting 22 - IPv6 technical SIG Intec NetCore, Inc. IPv6 R&D Group Ken-ichi Kanayama What is IPv6 Multi-Prefix environment? IPv6 Multi-Prefix
More informationIPV6 SIMPLE SECURITY CAPABILITIES.
IPV6 SIMPLE SECURITY CAPABILITIES. 50 issues from RFC 6092 edited by J. Woodyatt, Apple Presentation by Olle E. Johansson, Edvina AB. ABSTRACT The RFC which this presentation is based upon is focused on
More informationunrestricted DOTS use cases draft-mglt-dots-use-cases-00.txt D. Migault 21/07/2015- IETF93- Prague
unrestricted DOTS use cases draft-mglt-dots-use-cases-00.txt D. Migault 21/07/2015- IETF93- Prague Introduction The goal of the presentation are: To agree on the use case that are in scope of DOTS (to
More informationDDoS Protection in Backbone Networks
DDoS Protection in Backbone Networks The Czech Way Pavel Minarik, Chief Technology Officer Holland Strikes Back, 3 rd Oct 2017 Backbone DDoS protection Backbone protection is specific High number of up-links,
More informationIPv6 Rapid Deployment (6rd) in broadband networks. Allen Huotari Technical Leader June 14, 2010 NANOG49 San Francisco, CA
Rapid Deployment () in broadband networks Allen Huotari Technical Leader ahuotari@cisco.com June 14, 2010 NANOG49 San Francisco, CA 1 Why IP Tunneling? IPv4 Tunnel Tunnel IPv4 IPv4 Retains end-end IP semantics
More informationDoD UC Framework 2013, Section 13 Table of Contents TABLE OF CONTENTS
, Table of Contents TABLE OF CONTENTS SECTION PAGE Security Devices... 13-1 13.1 Physical Security... 13-1 13.2 Security Devices Security Design... 13-1 13.3 Network Security Design... 13-1 13.4 Requirements
More informationIntended status: Standards Track. K. Patel Cisco J. Haas Juniper Networks June 30, 2014
Routing Area Working Group Internet-Draft Intended status: Standards Track Expires: January 1, 2015 S. Litkowski Orange A. Simpson Alcatel Lucent K. Patel Cisco J. Haas Juniper Networks June 30, 2014 Applying
More informationIPv4/v6 Considerations Ralph Droms Cisco Systems
Title IPv4/v6 Considerations Ralph Droms Cisco Systems Agenda Motivation for IPv6 Review of IPv6 Impact of differences Tools and techniques Why IPv6? More addresses More addresses More addresses Security,
More informationDDoS on DNS: past, present and inevitable. Töma Gavrichenkov
DDoS on DNS: past, present and inevitable Töma Gavrichenkov DNS DDoS types Volumetric: amplification, other floods Water torture and the likes DNS DDoS problem statement DNS is built on
More informationIP Multicast. Overview. Casts. Tarik Čičić University of Oslo December 2001
IP Multicast Tarik Čičić University of Oslo December 00 Overview One-to-many communication, why and how Algorithmic approach (IP) multicast protocols: host-router intra-domain (router-router) inter-domain
More informationInternet Engineering Task Force (IETF) Category: Best Current Practice. Cisco Systems July IPv6 Prefix Length Recommendation for Forwarding
Internet Engineering Task Force (IETF) Request for Comments: 7608 BCP: 198 Category: Best Current Practice ISSN: 2070-1721 M. Boucadair France Telecom A. Petrescu CEA, LIST F. Baker Cisco Systems July
More informationProgrammatic Interface to Routing
Programmatic Interface to Routing NANOG 61 Draft version, slides will be updated before presentation Applications and Networks Routing system players: the Application and the Network. Different interdependent
More informationRIB Size Estimation for BGPSEC
RIB Size Estimation for BGPSEC Trustworthy Networking Program K. Sriram (with O. Borchert, O. Kim, D. Cooper, and D. Montgomery) IETF-81 SIDR WG Meeting July 28, 2011 Contacts: ksriram@nist.gov, dougm@nist.gov
More informationIPv6 Enablement for Enterprises. Waliur Rahman Managing Principal, Global Solutions April, 2011
IPv6 Enablement for Enterprises Waliur Rahman Managing Principal, Global Solutions April, 2011 PROPRIETARY STATEMENT This document and any attached materials are the sole property of Verizon and are not
More informationTransition To IPv6 October 2011
Transition To IPv6 October 2011 Fred Bovy ccie #3013 fred@fredbovy.com 2011 Fred Bovy fred@fredbovy.com. Transition to IPv6 1 1st Generation: The IPv6 Pioneers Tunnels for Experimental testing or Enterprises
More informationInterconnecting Cisco Networking Devices Part 1 ICND1
Interconnecting Cisco Networking Devices Part 1 ICND1 Course Length: 5 days Course Delivery: Traditional Classroom Online Live Course Overview Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0
More informationAttack Fingerprint Sharing: The Need for Automation of Inter-Domain Information Sharing
Attack Fingerprint Sharing: The Need for Automation of Inter-Domain Information Sharing RIPE 50 Stockholm, Sweden Danny McPherson danny@arbor.net May 3, 2005 Agenda What s a bot and what s it used for?
More informationINTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
INTRODUCTION: DDOS ATTACKS 1 DDOS ATTACKS Though Denial of Service (DoS) and Distributed Denial of Service (DDoS) have been common attack techniques used by malicious actors for some time now, organizations
More informationIntroduction to The Internet
Introduction to The Internet ITU/APNIC/MOIC IPv6 Workshop 19 th 21 st June 2017 Thimphu These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/)
More informationA Near Term Solution for Home IP networking (HIPnet)
A Near Term Solution for Home IP networking (HIPnet) draft-grundemann-homenet-hipnet RIPE 66 Dublin 14 May 2013 Chris Grundemann, Chris Donley, John Brzozowski, Lee Howard, Victor Kuarsingh Yesterday s
More informationGlobal Table Multicast with BGP-MVPN Protocol draft-zzhang-mboned-mvpn-global-table-mcast-00
Global Table Multicast with BGP-MVPN Protocol draft-zzhang-mboned-mvpn-global-table-mcast-00 Jeffrey Zhang, Lenny Giuliano Juniper Dante Pacella Verizon Jason Schiller - Google Problem Statement Global
More informationNETCONF Access Control
NETCONF Access Control draft-bierman-netconf-access-control-01 IETF 77, March 2010 Andy Bierman andyb@iwl.com Agenda Why does NETCONF need a standard access control model (ACM)? What are the functional
More information9 STEPS FOR FIGHTING AGAINST DDOS ATTACKS IN REAL-TIME.
9 STEPS FOR FIGHTING AGAINST DDOS ATTACKS IN REAL-TIME www.haltdos.com info@haltdos.com Slow network performance or a single website downtime can cause serious revenue damage to any online business, both
More informationdraft-ietf-v6ops-tunnel-loops - Update and Status
draft-ietf-v6ops-tunnel-loops - Update and Status IETF V6OPS WG - March 31, 2011 Fred L. Templin Boeing Research & Technology fred.l.templin@boeing.com BOEING is a trademark of Boeing Management Company.
More informationCCIE Service Provider
CCIE Service Provider 1.0 Core Routing 25% 30% 1.1. Interior Gateway Protocol 1.1.a. Describe, implement, and troubleshoot IS-IS 1.1.b. Describe, implement, and troubleshoot OSPFv2 and OSPFv3 1.1.c. Describe
More information6421A: Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure
www.peaksolutions.com 6421A: Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure Course 6421A: Five days; Instructor-Led Introduction This five-day instructor-led course provides
More informationFast Reroute for Node Protection in LDP based LSPs
Fast Reroute for Node Protection in LDP based LSPs draft-esale-mpls-ldp-node-frr-00 Raveendra Torvi (rtorvi@juniper.net) Luay Jalil (luay.jalil@verizon.com) Luyuan Fang (lufang@microsoft.com) Santosh Esale
More informationPIM adjacencies and multicast blackhole mitigation issues draft-morin-mboned-mcast-blackhole-mitigation-01
IETF 71 th meeting, Philadelphia PIM WG PIM adjacencies and multicast blackhole mitigation issues draft-morin-mboned-mcast-blackhole-mitigation-01 Thomas Morin Gregory Cauchie (Orange Labs) 1 Context Context
More informationEVPN BUM Procedures Update
EVPN BUM Procedures Update Jeffrey Zhang, Wen Lin Jorge Rabadan, Keyur Patel IETF 93, Prague EVPN BUM Procedures RFC 7432 (EVPN) refers to RFC 7117 (VPLS Multicast) for quite some EVPN BUM procedures RFC
More informationPlanning for Information Network
Planning for Information Network Lecture 7: Introduction to IPv6 Assistant Teacher Samraa Adnan Al-Asadi 1 IPv6 Features The ability to scale networks for future demands requires a limitless supply of
More informationIntroduction to The Internet
Introduction to The Internet ITU/APNIC/MICT IPv6 Security Workshop 23 rd 27 th May 2016 Bangkok Last updated 5 th May 2015 1 Introduction to the Internet p Topologies and Definitions p IP Addressing p
More informationIPv6 Addressing. There are three types of IPV6 Addresses. Unicast:Multicast:Anycast
IPv6 Addressing There are three types of IPV6 Addresses. Unicast:Multicast:Anycast Unicast IPv6 addresses A unicast address identifies a single interface within the scope of the type of unicast address.
More informationConsiderations and Actions of Content Providers in Adopting IPv6
Considerations and Actions of Content Providers in Adopting IPv6 Sheng Jiang / Huawei Brian Carpenter / University of Auckland www.huawei.com IPv6 Trends Global IPv4 registry (IANA) ran out of spare blocks
More informationNetwork Assisted MPTCP
Network Assisted MPTCP draft-boucadair-mptcp-plain-mode-08 draft-peirens-mptcp-transparent-00 S. Barré (Tessares) D. Behaghel (OneAccess) O. Bonaventure (Tessares) M. Boucadair (Orange) W. Cloetens (SoftAtHome)
More informationComcast IPv6 Trials NANOG50 John Jason Brzozowski
Comcast IPv6 Trials NANOG50 John Jason Brzozowski October 2010 Overview Background Goals and Objectives Trials Observations 2 Background Comcast IPv6 program started over 5 years ago Incrementally planned
More informationNew Generation Open Content Delivery Networks
Open ContEnt Aware Networks New Generation Open Content Delivery Networks Yannick Le Louédec Orange Labs Workshop Future Media Distribution. November 10 th, 2011 www.ict-ocean.eu The research leading to
More informationIPv6 at Google. Lorenzo Colitti
IPv6 at Google Lorenzo Colitti lorenzo@google.com Why IPv6? IPv4 address space predictions (G. Huston) Why IPv6? Cost Buying addresses will be expensive Carrier-grade NAT may be expensive Lots of session
More informationMIPv6: New Capabilities for Seamless Roaming Among Wired, Wireless, and Cellular Networks
Page 1 M: New Capabilities for Seamless Roaming Among Wired, Wireless, and Cellular Networks Paul Schmitz Technical Marketing Engineer Geoff Weaver Business Development Manager Copyright 2002. *Third-party
More informationExposing Source IP Address Type Requirements with DHCPv6
Exposing Source IP Address Type Requirements with DHCPv6 draft-moses-dmm-dhcp-ondemand-mobility-01 D. Moses, A. Yegin Agenda Introduction Quick reminder about DHCPv6 options Proposed new options Discussion
More informationSupporting QoS Aware Data Delivery in Information Centric Networks
Supporting QoS Aware Data Delivery in Information Centric Networks IETF-102 @ Montreal, Canada. Sunday, July 15, 2018 Anil Jangam, Prakash Suthar, Milan Stolic (Cisco Systems) draft-anilj-icnrg-icn-qos-00.txt
More informationIPv6 Roaming Behavior Analysis draft-chen-v6ops-ipv6-roaming-analysis-00. IETF 87- Berlin, August 2013
IPv6 Roaming Behavior Analysis draft-chen-v6ops-ipv6-roaming-analysis-00 IETF 87- Berlin, August 2013 Gang Chen Hui Deng China Mobile China Mobile Motivations We are experiencing some issues if IPv6 subscribers
More informationIPv6 Deployment at the University of Pennsylvania
IPv6 Deployment at the University of Pennsylvania Jorj Bauer and Shumon Huque University of Pennsylvania Educause Mid-Atlantic Regional Conference, Philadelphia, PA January 8 th, 2009 Outline Why you should
More informationRID IETF Draft Update
RID IETF Draft Update Kathleen M. Moriarty INCH Working Group 5 August 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions,
More informationMapping of Address and Port (MAP) an ISPs Perspective. E. Jordan Gottlieb Principal Engineer Charter Communications
Mapping of Address and Port () an ISPs Perspective E. Jordan Gottlieb Principal Engineer Charter Communications jordan.gottlieb@charter.com Agenda What is? Benefits of in Action Algorithms in Action Deployment
More informationNetwork Policy Enforcement
CHAPTER 6 Baseline network policy enforcement is primarily concerned with ensuring that traffic entering a network conforms to the network policy, including the IP address range and traffic types. Anomalous
More informationDHCPv6 OPERATIONAL ISSUES Tom Coffeen 4/7/2016
1 2016 2013 Infoblox Inc. All Inc. Rights All Reserved. Rights Reserved. DHCPv6 OPERATIONAL ISSUES Tom Coffeen 4/7/2016 ABOUT THE PRESENTER Tom Coffeen IPv6 Evangelist Infoblox @ipv6tom tom@ipv6.works
More informationDraft Recommendation X.sdnsec-3 Security guideline of Service Function Chain based on software defined network
Draft Recommendation X.sdnsec-3 Security guideline of Service Function Chain based on software defined network Summary This recommendation is to analyze the security threats of the SDN-based Service Function
More informationF5 DDoS Hybrid Defender : Setup. Version
F5 DDoS Hybrid Defender : Setup Version 13.1.0.3 Table of Contents Table of Contents Introducing DDoS Hybrid Defender... 5 Introduction to DDoS Hybrid Defender...5 DDoS deployments... 5 Example DDoS Hybrid
More informationMulticast Communications. Tarik Čičić, 4. March. 2016
Multicast Communications Tarik Čičić, 4. March. 06 Overview One-to-many communication, why and how Algorithmic approach: Steiner trees Practical algorithms Multicast tree types Basic concepts in multicast
More informationVirtual Subnet : A L3VPN-based Subnet Extension Solution for Cloud Data Center Interconnect
Virtual Subnet : A L3VPN-based Solution for Cloud Data Center Interconnect draft-xu-virtual-subnet-09 Xiaohu Xu (Huawei) Susan Hares (Huawei) Yongbing Fan (China Telecom) Christian Jacquenet (France Telecom)
More informationLISP: Intro and Update
LISP: Intro and Update RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-short.pdf Agenda What is LISP? What problem is LISP solving? www.vaf.net/prezos/rrg-prague.pdf
More informationMembership test for Mapping Information optimization draft-flinck-lisp-membertest-00
Membership test for Mapping Information optimization draft-flinck-lisp-membertest-00 1 Nokia Siemens Networks HFl / 18.3.2010 The problem we are addressing If an Ingress Tunnel Router acting as a gateway
More informationDHCPv6 Option for IPv4-Embedded Multicast and Unicast IPv6 Prefixes
Internet Engineering Task Force (IETF) M. Boucadair Request for Comments: 8115 Orange Category: Standards Track J. Qin ISSN: 2070-1721 Cisco T. Tsou Philips Lighting X. Deng The University of New South
More informationFramework of Vertical Multi-homing in IPv6-based NGN
ITU-T Recommendation Y.ipv6-vmh Framework of Vertical Multi-homing in IPv6-based NGN Summary This Recommendation describes a framework of vertical multi-homing in IPv6-based NGN. This Recommendation identifies
More informationIPv6 IMPLEMENTATION IN VNPT
IPv6 IMPLEMENTATION IN VNPT VŨ XUÂN NHÀN 11/2016 NOC VNPT Net 1 Contents 6PE/6VPE model IPv6 implementation in VNPT Service models IPv6 allocation IPv6 CPE IPv6 security threats Problems 11/29/2016 VNNIC
More information10Gb/s on FDDI-grade MMF Cable. 5 Criteria Discussion Slides. SG 10Gb/s on FDDI-grade MMF
10Gb/s on Cable 5 Criteria Discussion Slides 1 5 Criteria Review The following draft 5 criteria for the 10Gb/s on FDDI-grade multimode are provided for initial discussion purposes within the study group
More informationIPv6 migration challenges and Security
IPv6 migration challenges and Security ITU Regional Workshop for the CIS countries Recommendations on transition from IPv4 to IPv6 in the CIS region, 16-18 April 2014 Tashkent, Republic of Uzbekistan Desire.karyabwite@itu.int
More informationIPv6 Addressing Guide. Revision: H2CY10
IPv6 Addressing Guide Revision: H2CY10 Who Should Read This Guide Related Documents Before reading this guide LAN Deployment Guide This document is for the reader who: Wants a general understanding of
More informationIPv6: Are we really ready to turn off IPv4?
IPv6: Are we really ready to turn off IPv4? In-situ transition In-situ transition Phase 1 Early Deployment IPv4 Internet Edge Dual-Stack Networks IPv6 networks interconnect by IPv6-over-IPv4 tunnels In-situ
More informationBringing SDN to the Internet, one exchange point at the time
Bringing SDN to the Internet, one exchange point at the time Joint work with: Arpit Gupta, Muhammad Shahbaz, Sean P. Donovan, Russ Clark, Brandon Schlinker, E. Katz-Bassett, Nick Feamster, Jennifer Rexford
More informationGlobal Table Multicast with BGP-MVPN
Global Table Multicast with BGP-MVPN draft-zzhang-l3vpn-mvpn-global-table-mcast London, 89 th IETF L3VPN WG 2013-Nov-7 1 Summary Original draft targeted for Mboned and presented in 86 th IETF (in L3VPN)
More information10970B: Networking with Windows Server
10970B: Networking with Windows Server Course Details Course Code: Duration: Notes: 10970B 5 days This course syllabus should be used to determine whether the course is appropriate for the students, based
More informationThe case for IPv6-only data centres...and how to pull it off in today's IPv4-dominated world
The case for IPv6-only data centres...and how to pull it off in today's IPv4-dominated world Tore Anderson Redpill Linpro AS PLNOG10, Warszawa, February 2013 Our traditional DC layout VLAN cust. 1 ~150
More informationISP Border Definition. Alexander Azimov
ISP Border Definition Alexander Azimov ISP goal (one ASN) BGP Decision Process Step Attribute Transit 1 Highest Local Preference value Non-transit 2 Lowest AS Path length Transit 3 Lowest
More informationHierarchical Fabric Designs The Journey to Multisite. Lukas Krattiger Principal Engineer September 2017
Hierarchical Fabric Designs The Journey to Multisite Lukas Krattiger Principal Engineer September 2017 A Single Fabric, a Single Data Center External Layer-3 Network Pod 1 Leaf/ Topologies (aka Folded
More informationConEx Concepts and Abstract Mechanism draft-ietf-conex-abstract-mech-07.txt
onx oncepts and Abstract Mechanism draft-ietf-conex-abstract-mech-07.txt Matt Mathis, Google Bob Briscoe, BT ITF-87 onx Jul 2013 Bob Briscoe s contribution is partly funded by Trilogy 2, a research project
More informationNAT444+v6 Softwire. Shin Miyakawa, Ph.D. NTT Communications Corporation
NAT444+v6 Softwire Shin Miyakawa, Ph.D. NTT Communications Corporation miyakawa@nttv6.jp NAT444 + Softwire This is not IDEAL solution, we know There are several (maybe serious) problems However so, this
More informationSNIA Discussion on iscsi, FCIP, and IFCP Page 1 of 7. IP storage: A review of iscsi, FCIP, ifcp
SNIA Discussion on iscsi, FCIP, and IFCP Page 1 of 7 IP storage: A review of iscsi, FCIP, ifcp SNIA IP Storage Forum With the advent of new IP storage products and transport protocol standards iscsi, FCIP,
More informationFederal & NASA IPv6 Updates
Federal & NASA IPv6 Updates LinkedIn Headquarters Sunnyvale, CA Kevin L. Jones NASA IPv6 Transition Manager April 26, 2017 December 1, 2016 September 28, 2010 OMB Memo USG IPv6 Implementation Goals 1.
More informationUsing MSDP to Interconnect Multiple PIM-SM Domains
Using MSDP to Interconnect Multiple PIM-SM Domains This module describes the tasks associated with using Multicast Source Discovery Protocol (MSDP) to interconnect multiple Protocol Independent Multicast
More informationA Evolvable RANGI Transition Strategy
A Evolvable RANGI Transition Strategy 1 Overview 5 Types of Sites: Progressive deployment of RANGI Interoperability between Type i and j (Total 10 cases) More RANGI deployment Smaller BGP Tables Less Address
More informationIntroduction to IP Routing. Geoff Huston
Introduction to IP Routing Geoff Huston Routing How do packets get from A to B in the Internet? A Internet B Connectionless Forwarding Each router (switch) makes a LOCAL decision to forward the packet
More informationNative Deployment of ICN in 4G/LTE Mobile Networks
Native Deployment of ICN in 4G/LTE Mobile Networks Prakash Suthar, Milan Stolic, Anil Jangam Cisco Systems Inc. IETF-99 (Prague), 19 July 2017 https://tools.ietf.org/html/draft-suthar-icnrg-icn-lte-4g-02
More informationObsoletes: RFC 1164 ANS Editors October Application of the Border Gateway Protocol in the Internet
Network Working Group Request for Comments: 1268 Obsoletes: RFC 1164 Y. Rekhter T.J. Watson Research Center, IBM Corp. P. Gross ANS Editors October 1991 Application of the Border Gateway Protocol in the
More informationConfiguring IP Multicast Routing
34 CHAPTER This chapter describes how to configure IP multicast routing on the Cisco ME 3400 Ethernet Access switch. IP multicasting is a more efficient way to use network resources, especially for bandwidth-intensive
More informationNetwork Working Group. Updates: 6890 (if approved) Intended status: Best Current Practice Expires: November 3, 2017
Network Working Group Internet-Draft Updates: 6890 (if approved) Intended status: Best Current Practice Expires: November 3, 2017 R. Bonica Juniper Networks M. Cotton ICANN B. Haberman Johns Hopkins University
More information