A Near Term Solution for Home IP networking (HIPnet)

Similar documents
Experiences in Setting Up Automatic Home Networking. Jari Arkko Ericsson Research

Best Current Operational Practice for operators: choose. Jordi Palet

DHCPv6 OPERATIONAL ISSUES Tom Coffeen 4/7/2016

NETWORK VIRTUALIZATION IN THE HOME Chris Donley CableLabs

IPv6 Prefix Delegation for Hosts. Fred L. Templin IETF100 v6ops Working Group November 16, 2017

IPv6 Community Wifi. Unique IPv6 Prefix per Host. IPv6 Enhanced Subscriber Access for WLAN Access Gunter Van de Velde Public.

IPv6 Multi-Prefix Environment ~ Concept, Issues, and Solutions ~

Comcast IPv6 Trials NANOG50 John Jason Brzozowski

OSPFv3-Based Home Networking draft-arkko-homenet-prefix-assignment-02.txt. Jari Arkko, Ericsson Acee Lindem, Ericsson Benjamin Paterson, Cisco

Configuring Interfaces (Transparent Mode)

Completing Interface Configuration (Transparent Mode)

PRACTICAL IPV6 DEPLOYMENT FOR THE MASS MARKET

Chapter 7 LAN Configuration

Implementing DHCP for IPv6

Introduction to IPv6 - II

DHCPv6 Overview 1. DHCPv6 Server Configuration 1

MIPv6: New Capabilities for Seamless Roaming Among Wired, Wireless, and Cellular Networks

Chapter 3 LAN Configuration

IPv6 Deployment at the University of Pennsylvania

Internet Addresses Reading: Chapter 4. 2/11/14 CS125-myaddressing

DHCPv6 (RFC3315 RFC4361)

Internet Protocol v6.

D-Link DSR Series Router

Configuring MLD. Overview. MLD versions. How MLDv1 operates. MLD querier election

LTE7410. User s Guide. Quick Start Guide. LTE Outdoor CPE. Default Login Details. Version 2.60 Edition 1, 1/2016. LAN IP Address

IPv6: An Introduction

Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager 2003, Cisco Systems, Inc. All rights reserved.

IPv6 Address Planning

Covr your whole home in Seamless Wi-Fi

TD#RNG#2# B.Stévant#

IPv6 Access Services: DHCPv6 Prefix Delegation

MBC. Auto. Address. Networks. Mesh. uto- configuration for Wireless. Keecheon Kim. Konkuk University Seoul, Korea

Multihoming. Copy Rights

SECURITY IN AN IPv6 WORLD MYTH & REALITY. RIPE 68 Warsaw May 2014 Chris Grundemann

Implementing DHCP for IPv6

IETF Update about IPv6

Transitioning to IPv6

CCNA Exploration Network Fundamentals. Chapter 06 Addressing the Network IPv4

COMP 631: NETWORKED & DISTRIBUTED SYSTEMS 9/6/16 COMP 631: NETWORKED & DISTRIBUTED SYSTEMS. IP Addressing. Jasleen Kaur. Fall 2016

Dual-Stack lite. Alain Durand. May 28th, 2009

TR-177 IPv6 in the context of TR-101

IPV6 SIMPLE SECURITY CAPABILITIES.

IPv6 Client IP Address Learning

IPv4/v6 Considerations Ralph Droms Cisco Systems

CS 457 Networking and the Internet. Addressing. Topics 9/15/16. Fall 2016 Indrajit Ray

Yasuo Kashimura Senior Manager, Japan, APAC IPCC Alcatel-lucent

Introduction to Network Address Translation

RSC Part II: Network Layer 3. IP addressing (2nd part)

Implementing DHCP for IPv6

debug ip ospf database external default-metric subnet area 0 stub distribute-list in Serial0/1

Wireless Modem Router

Configuring the Service Discovery Gateway

Mapping of Address and Port (MAP) an ISPs Perspective. E. Jordan Gottlieb Principal Engineer Charter Communications

IP Multicast Addressing

Network Layer (Routing)

IPv6 IMPLEMENTATION IN VNPT

IPv6 Access Services: DHCPv6 Prefix Delegation

Learning/Playing with IPv6 at home. Keith Garner, Gradebook Team Lead

IPv6 Neighbor Discovery (ND) Problems with Layer-2 Multicast State

Copyright 2011 Nomadix, Inc. All Rights Reserved Agoura Road Suite 102 Agoura Hills CA USA White Paper

IPv6 Access Services: DHCPv6 Relay Agent

IPv6 Basics. APNIC Training Bali, Indonesia February, Jordi Palet - 1

ipv6 mobile home-agent (global configuration)

Internet Network Protocols IPv4/ IPv6

IPv4 addressing, NAT. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley.

Network Configuration Example

Chapter 8: Subnetting IP Networks

Chapter 3 LAN Configuration

CSE/EE 461: Introduction to Computer Communications Networks Autumn Module 9

COPYRIGHTED MATERIAL. Con t e n t s. Chapter 1 Introduction to Networking 1. Chapter 2 Overview of Networking Components 21.

IPv6 Transition Technologies (TechRef)

Internetworking Part 2

Proposed Node and Network Models for M2M Internet

DHCP and DDNS Services

Internet Engineering Task Force (IETF) Obsoletes: 3315, 3633, 3736, 4242, 7083, 7283, 7550 B. Volz

3GPP TS V6.1.0 ( )

Unit 3: Dynamic Routing

A novel design for maximum use of public IP Space by ISPs one IP per customer

COE IPv6 Roadmap Planning. ZyXEL

Post IPv4 completion. Making IPv6 deployable incrementally by making it. Alain Durand

Internet Protocols Fall Lectures Inter-domain routing, mobility support, multicast routing Andreas Terzis

FIGURE 3. Two-Level Internet Address Structure. FIGURE 4. Principle Classful IP Address Formats

IPv6 Rapid Deployment (6rd) in broadband networks. Allen Huotari Technical Leader June 14, 2010 NANOG49 San Francisco, CA

MANET Autoconfiguration using DHCP.

IPv6 Associated Protocols. Athanassios Liakopoulos 6DEPLOY IPv6 Training, Skopje, June 2011

ODL Summit Bangalore - Nov 2016 IPv6 Design in OpenDaylight

Why IPv6? Roque Gagliano LACNIC

Guide to TCP/IP Fourth Edition. Chapter 6: Neighbor Discovery in IPv6

MikroTik RouterOS Training. Routing. Schedule. Instructors. Housekeeping. Introduce Yourself. Course Objective 7/4/ :00 10:30 Morning Session I

Copyright Statement. Disclaimer. Technical Support

Mobile IP and its trends for changing from IPv4 to IPv6

Enterprise Multihoming using Provider-Assigned Addresses without Network Prefix Translation: Requirements and Solution

3/10/2011. Copyright Link Technologies, Inc.

Internet Addresses (You should read Chapter 4 in Forouzan)

TR-177 IPv6 in the context of TR-101

Foreword xxiii Preface xxvii IPv6 Rationale and Features

IPv6 Deployment Experiences. John Jason Brzozowski

DHCP and DDNS Services for Threat Defense

User s Guide. GPT-2541GNAC Indoor GPON HGU. Default Login Details. User Name: admin Password: 1234

1 Connectionless Routing

Transcription:

A Near Term Solution for Home IP networking (HIPnet) draft-grundemann-homenet-hipnet RIPE 66 Dublin 14 May 2013 Chris Grundemann, Chris Donley, John Brzozowski, Lee Howard, Victor Kuarsingh

Yesterday s Home Network Internet Service Provider Wi-Fi Range Extension Home LAN 1 NAT NAT Home LAN 2

Emerging use cases for the home network Separation of guest users from home users Community Wi-Fi Wi-Fi GW in the subscriber home is used to provide Wi-Fi roaming services Femto cell GW in the subscriber home is used to provide cellular services Smart grid Security, Monitoring, & Automation Multi-homing Video content sharing and streaming between the devices inside the home IP video streaming from the internet Telecommuting and corporate IT requirements (e.g. network separation) Ever increasing devices in the subscriber home Emergence of Heterogeneous link layer technologies (e.g. low powered sensor networks) with different requirements

Tomorrow s Home Network Multiple SSIDs: Private, Guest, Community, ISP Branded, Etc. Wi-Fi Range Extension IP Sensor Gateway Home LAN 4 Internet Service Provider Home LAN 2 Home LAN 1 Key assumption: Home users will not be configuring advanced networks ZigBee Network Guest LAN Home LAN 3 Home Automation Gateway Home Entertainmen t Gateway

HIPnet is a Solution to Complex Home Networks A self-configuring home router architecture Capable of operating in increasingly large residential home networks Requires no user interaction for the vast majority of use-cases Uses existing protocols in new ways Does not require a routing protocol Meets the principles of draft-ietf-homenet-arch

Common Principles Guide HIPnet Home networks will become more complex, home users will not Invoking a god box leads to religious wars New protocols bring new problems We have enough addresses Use IPv6, support IPv4

HIPnet Meets Current Needs with Existing Functionality IPv6 is being deployed today (thankfully) Home networks are growing today A solution is needed today (or sooner) Based on RFC 6204/bis HIPnet works: running code Built on OpenWRT Updates to DHCP

HIPnet Works Self-Organizing: Directionless Routers Addressing: Recursive Prefix Delegation Routing: Hierarchical Routing Bonus: Multiple Address Family Support Supports arbitrary topologies, multihoming, security, and service discovery

Directionless Home Routers The HIPnet router sends Router Solicitations on all interfaces (except Wi-Fi*) The router adds any interface on which it receives an RA to the candidate 'up' list The router initiates DHCPv6 PD on all candidate 'up' interfaces. If no RAs are received, the router generates a /48 ULA prefix The router evaluates the offers received and chooses the winning offer as its Up Interface

Deterministic Up Interface Selection Criteria Valid GUA preferred (preferred/valid lifetimes >0) Internal prefix preferred over external (for failover - see Section [6.1]) Largest prefix (e.g. /56 preferred to /60) Link type/bandwidth (e.g. Ethernet vs. MoCA) First response (wait 1 s after first response for additional offers) Lowest numerical prefix

Example Up Detection ULA GUA GUA RS RA DHCP Req. Offer ULA GUA GUA R1 R2 R3 UP Default route

More Complicated Up Detection Example Internet PD req. UP R1 R2 /60 /64 R3 /64 R4

Directionless Routers Example: Rearranging the Network RS UP RS RA No RA UP Internet R1 R2 R3 R4 Also, see following slides for case where R4 ends up on same LAN as R1, R2, R3

HIPnet Creates a Logical Hierarchy from a Physically Arbitrary Network Internet Service Provider R1 R3 R4 R2 R5 Physical Connection IP Connection

Recursive Prefix Delegation Internet Service Provider Home LAN 1 Guest LAN Home LAN 2 Home LAN 3 Home LAN 4 ZigBee Network

Width Optimization If the received prefix is smaller than a /56 8 or more port routers divide on 3-bit boundaries (e.g. / 63) 7 or fewer port routers divide on 2-bit boundaries (e.g. / 62) If the received prefix is a /56 or larger 8 or more port routers divide on 4-bit boundaries (e.g. / 60) 7 or fewer port routers divide on 3-bit boundaries (e.g. / 59)

Hiearchical Routing Table Up ::/0 Default Router IA_PD Downstream IR s Up Interface IP Down

Multiple Address Family Support Recursive prefix delegation can be extended to support additional address types ULA, additional GUA, or IPv4 8 or 16 bit Link ID extrapolated from IA_PD Bits 56-64 or 48-64 Additional prefixes are prepended to Link ID Additional prefixes extrapolated from RA or DHCPv4 on Up Interface

Link ID 48b - ISP 16b Link GUA IPv6 Address64b Interface ID ID 48b - ULA /64 IPv4 10. /24

Multihoming Use-Cases Special purpose IP connection (e.g. IP Video) Backup connection (i.e. active/standby) True multihoming (i.e. active/active) (Info in backup slides)

The HIPnet Solution Directionless Home Routers Up Detection creates logical hierarchy Recursive Prefix Delegation Link ID allows multiple address families Hierarchical Routing Determinism without a routing protocol The next step in home networking!

Questions? @ChrisGrundemann chris@chrisgrundemann.com http://chrisgrundemann.com

Backup Slides Appendix

Recursive Prefix Delegation Based on DHCPv6 prefix delegation RFC3633 Inspired by a Simple Approach to Prefix Distribution in Basic Home Networks draft-chakrabarti-homenet-prefix-alloc HIPnet router receives prefix in IA_PD, breaks it up, and hands it out

HIPnet Addressing Details The HIPnet router acquires a prefix and then breaks it into sub-prefixes The first of these sub-prefixes is further broken into /64 interface-prefixes for use one on each of the router s down interfaces If the sub-prefix is too small to number all down interfaces, the router uses additional sub-prefixes as needed (in numerical order) If the aggregate prefix is too small to number all down interfaces, the router collapses them into a single IP interface, assigns a single /64 to that interface The remaining sub-prefixes are delegated via DHCPv6 to directly downstream routers as needed, in reverse numerical order

Hierarchical Routing The HIPnet router installs a single default 'up' route and a more specific 'down' route for each prefix delegated to a downstream IR down' routes point all packets destined to a given prefix to the WAN IP address of the router to which that prefix was delegated No routing protocol needed!

Multihoming Use-Cases Special purpose IP connection (e.g. IP Video) Backup connection (i.e. active/standby) True multihoming (i.e. active/active)

Special Purpose IP Connection IP video or other non-internet connection Some configuration allowed User or technician configured Managed or semi-managed Automated / configurationless Has been discussed Outside of current scope May be included in future versions of HIPnet

Backup Connection Active/standby with failover Default HIPnet use-case Internal prefix preferred in Up detection First CER to come online is primary Backup CER doesn t announce its prefix Upon failure of primary, secondary CER announces its prefix (becomes primary), tree is re-built Backup judges failure based on: Timeout (primary CER stops advertising GUA) Preferred, valid, & router lifetimes from primary set to 0

Backup Network Example Internet R1 RAs LTE R2 R3 R4

Multihoming Active/Active with load sharing Possible under HIPnet architecture Shared tree Primary CER (first active) builds hierarchical tree Secondary CER adds its prefix to existing tree Secondary can be same level (full multihoming) or lower level (VPN use-case) Requires NAT or source routing at CERs

Multihoming Algorithm CER performs prefix sub-delegation as described earlier hierarchical tree network Secondary CER (R4) obtains second prefix from ISP2 Advertises ISP2 prefix as part of RA Includes sub-prefixes from both ISPs in IA_PD (same link id ) Secondary CER points default route to ISP2, internal /48 route to upstream internal router (e.g. R1) Devices below R4 (e.g.r3, R5) use ISP2, but have full access to all internal devices using ISP1 prefix or ULAs If ISP2 link fails, traffic flows to ISP1 Devices not below R4 (e.g. R1, R2) use ISP1, but have full access to all internal devices using ISP1 prefix or ULAs Potential optimization - CER source routing default route selected based on packet Source IP address

Multihoming Network Example ISP 2 ISP1 R4 RA DHCP R1 (CER) R3 RA R2 RA R5 RA

VPN Multihoming Example Internet Service Provider ISP 2 R1 R4 R2 R3 R5

Multihoming FAQ What if the PD sizes from ISP1 and ISP2 are different? The hierarchy determined by DHCP (ISP1 in the example) Clarifying rule: routers MUST NOT act as DHCP client and server on same link. What if the L2 router picks the wrong L1 for default traffic? The wrong L1 forwards it to the right L1 What if we don t use the PD algorithm discussed above? Not guaranteed to work Routers only receive PD from one DHCP server Would require mechanism for sending ISP2 PD to the CER

Multicast Requirements HIPnet routers support service discovery through multicast forwarding Simple rules: MULTI-1: A HIPnet router MUST discard IP multicast packets that fail a Reverse Path Forwarding Check (RPFC). MULTI-2: A HIPnet router that determines itself to be at the edge of a home network (e.g. via CER_ID option, /48 verification, or other mechanism) MUST NOT forward IPv4 administratively scoped (239.0.0.0/8) packets onto the WAN interface. MULTI-3: HIPnet Routers MUST forward IPv4 Local Scope multicast packets (239.255.0.0/16) to all LAN interfaces except the one from which they were received. MULTI-4: A HIPnet router that determines itself to be at the edge of a home network (e.g. via CER_ID option, /48 verification, or other mechanism) MUST NOT forward site-scope (FF05::) IPv6 multicast packets onto the WAN interface. MULTI-5: HIPnet routers MUST forward site-scoped (FF05::/16) IPv6 multicast packets to all LAN interfaces except the one from which they were received. MULTI-6: A home router MAY discard IP multicast packets sent between Down Interfaces (different VLANs). MULTI-7: HIPnet routers SHOULD support an IGMP/MLD proxy, as described in [RFC4605].

Security & NAT Requirements SEC-1: The CER MUST enable a stateful [ RFC6092] firewall by default. SEC-2: HIPnet routers MUST only perform IPv4 NAT when serving as the CER. SEC-3: By default, HIPnet routers SHOULD configure IPv4 firewalling rules to mirror IPv6. SEC-4: HIPnet routers serving as CER SHOULD NOT enable UPnP IGD ([UPnP-IGD]) control by default.

IR Security Options Filtering Disabled Simple Security + PCP Advanced Security [ I-D.vyncke-advanced-ipv6-security]

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback