Wp6 components usages requirements and availability karen egede nielsen ericsson telebit
This presentation is the property of its rightful owner.
Sponsored Links
1 / 20

WP6 components. Usages, Requirements and Availability Karen Egede Nielsen, Ericsson Telebit PowerPoint PPT Presentation


  • 73 Views
  • Uploaded on
  • Presentation posted in: General

6WINIT meeting Tübingen 01.10.01 - 03.10.01. WP6 components. Usages, Requirements and Availability Karen Egede Nielsen, Ericsson Telebit. Background material : D2 – The status of Gateways and Relays. WP6 – D2. WP6 components. IPv4/IPv6 Transition and tunnelling mechanisms

Download Presentation

WP6 components. Usages, Requirements and Availability Karen Egede Nielsen, Ericsson Telebit

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Wp6 components usages requirements and availability karen egede nielsen ericsson telebit

6WINIT meeting

Tübingen

01.10.01 - 03.10.01

WP6 components. Usages, Requirements and AvailabilityKaren Egede Nielsen, Ericsson Telebit

Background material : D2 – The status of Gateways and Relays

WP6 – D2


Wp6 components

WP6 components

  • IPv4/IPv6 Transition and tunnelling mechanisms

  • IP security mechanisms

  • Mobile IPv6 support

  • Quality of Service gatewaying mechanisms

  • Signalling gateways

  • Multimedia conferencing gateways

  • WAP gateways

    Described in D2

WP6 – D2


Ipv6 ipv4 transition mechanisms

IPv6/IPv4 transition mechanisms

+ IP Security possible

 Quality of Service

  • Tunnelling mechanisms

    • Connection between IPv6 islands over IPv4 networks.

    • IPv6 connection between a dual stack host located on an IPv4 network and IPv6 hosts.

    • IPv4 connection between a dual stack host located on an IPv6 network and IPv4 hosts)

      Configured (+ automatic) tunnels 6in4 (and 4in6), IPv6 tunnel Broker, 6to4, Dual Stack Transition Mechanism (DSTM)

  • Transition mechanisms

    • Communications between an IPv6 only and an IPv4 only host.

    • (IPv6 only to IPv6 only via two-times translation to and from IPv4)

      “SIIT-like” - stateless, no single point of failure

      NAT-PT with DNS, FTP and SIP ALGs – stateful, single point of failure

+ Quality of Service

 IP security not possible

WP6 – D2


Wp6 transition mechanisms

IPv6 User

IPv4 Network

IPv6 network

6to4 Prefix

IPv6 network

6to4 Prefix

6to4

Tunnelling

IPv6 User

IPv4 User

IPv6 User

IPv6 Network

NAT-PT or

SIIT

Translator

IPv4 Network

IPv6 Network

Tunnelling

DSTM

Tunnel

Broker

DHCPv6

IPv6User

IPv6/IPv4 User

IPv6/IPv4 User

WP6 Transition Mechanisms

WP6 – D2

Source: M. Ford /BT


Wp6 components usages requirements and availability karen egede nielsen ericsson telebit

WP6 Transition Mechanisms - Overview

WP6 – D2


Bt s interworking toolkit

  • DSTM system

    • DNS, DHCP,

    • client, edge router

NAT-PT

IPv4 User

IPv6 User

IPv4 Network

IPv6 Network

  • Tunnel Broker

Tunnel

Broker

DSTM

DHCPv6

IPv6/IPv4 User

IPv6/IPv4 User

BT’s Interworking Toolkit

  • Ultima contains:

    • NAT-PT

      • ALGs for DNS, ftp, SIP

Source: M. Ford /BT


6wind ip edge devices

IP v4 or v6

backbone

6WIND IP Edge Devices

GRAPHICAL

MANAGEMENT

CENTRE

6WIND

IP Edge Device

IPv4 or/and v6

LANs

6WIND

IP Edge Device

6WIND

IP Edge Device

IPv6 & IPv4 transition tunnels

WP6 – D2

Source: P. Conversin/6WIND


Ted axi462 and the ted rxi prototype

IPv4

IPv6

IPv6

IPv6

IPv6

”SIIT”

RXI

NAT-PT

AXI/RXI

AXI/RXI

TED AXI462 and the TED RXI prototype

IPv6 Network

IPv6 host

IPv6 host

Tunnelling

IPv6 Network

IPv6 Network

IPv4 Network

IPv6 host

FTP

DNS

IPv6 host with ”translated IPv4” address

IPv4 host

The IPv6/IPv4 translation functions of the AXI 462 and the RXI 820 Prototype Router. (“SIIT” denotes the SIIT-like mechanism of the AXI 462)

WP6 – D2


Ip security gateways vpn enabling

IP v4 or v6

backbone

AXI 462/ RXI

AXI 462/ RXI

IP Security Gateways – VPN enabling

6WIND

IP Edge Device

  • 6WIND Edge device – Available now

  • VPNs via IP SEC AH and ESP for IPv4 and IPv6,

  • Static keys

  • IKE with pre-shared keys as well as X509 Certificates

6WIND

IP Edge Device

Firewall v4/v6 (IP Filtering)

IPSEC Tunnels (VPN)

6WIND

IP Edge Device

  • TED AXI462 - Available now

  • VPNs via IP SEC AH and ESP for IPv6,

  • Transport and tunnel mode

  • Static keys only

  • TED RXI Prototype – Q1/Q2 2002

  • VPNs via IP SEC AH and ESP for IPv6 and IPv4

IPv6(/IPv4) Backbone

Site I

Site II

IP SEC Tunnels

WP6 – D2


Wp6 components usages requirements and availability karen egede nielsen ericsson telebit

IPSec Gateway

Secure Domain

Router

WLAN Access Point

Road Warrior - Overview

  • VPN security solution for mobile hosts

  • Mobility support – though not seamless and interworking with Mobile IP not possible

Internet

WP6 – D2

Source: W. Fritsche/IABG


Mobile ipv6 support

1

Home

Network

IPv6

Network

Home Agent

2

3

IPv6 in IPv6 Tunnelling

Foreign

Network

CN

MN

Mobile IPv6 Support

  • Basic framework of communication

  • in Mobile IPv6

  • The mobile node (MN) is always reachable by its home address via theHome Agent.

  • Packets from a corresponding node (CN) containing an entry for the MN’s present CoA in the binding cache will be send directly to MN using a routing header.

  • Packets from MN to any IPv6 node will be send with CoA as source address and MN’s home address in the Home Address option.

  • 6WIND EDGE Device

  • MIPv6 Home Agent in compliance with draft – 13 with some restrictions

  • TED AXI462 and TED RXI Prototype

  • MIPv6 Home Agent in compliance with draft – 13 with some restrictions

  • Automatic Home Agent Discovery supported (no time out)

  • Security Restriction : Authentication of BUs and BUAcks.

WP6 – D2


Mobile ipv6 and security

Mobile IPv6 and Security

Security issue within the Mobile IPv6 protocol

  • Authentication of BUs and BUAck - protection against traffic hijacking

    • Use IP SEC AH (or ESP) for authentication

    • Special Mobile IPv6 authentication mechanism

      Currently under revision – Awaiting draft – 15.

      “External” interworking with IP SEC

  • Enable Mobile IPv6 host to use IP SEC for authentication and encryption

    • Use of the Home Address option (CoA in IPv6 source address header)

WP6 – D2


Mipv6 and security

MIPv6 and security

VPN solution in 6WIND EDGE Device

Correspondent Node

Router

VPN IPSec

Prefix

Mobile Node

(Care of address -

Autoconfiguration)

Home agent

WP6 – D2

Source: P. Conversin/6WIND


Mipv6 and wireless 6wind

MIPv6 and wireless - 6WIND

Autoconfiguration + automatic

DNS update via DHCPv6

Mobile Node:

MobileIPv6,

DHCPv6 client

DNS server Bind v9.1.2

DHCPv6 server

Edge DeviceDHCPv6 relay

IPv6 LAN

Mobile Node

802.11b

Access Point

WP6 – D2

Source: P. Conversin/6WIND


Mobile ipv6 usages requirements

Mobile IPv6 usages Requirements

Basic Mobility

  • Mobile IPv6 stacks on mobile hosts

  • Mobile IPv6 stacks on corresponding nodes

    Mobile and Security

  • Security stacks on MNs and CNs

    Mobile and Translation mechanisms

  • Interworking netween Mobile IPv6 and NAT-PT will NOT be there

WP6 – D2


Quality of service support in wp6 components

Quality of Service support in WP6 components

  • Integrated Services : RSVP Resource Reservation end-to-end through the networkfor IPv6 and IPv4 –

    • Controlled Load and Guaranteed Delay

      Host must support RSVP.

      Ericsson Telebit AXI 462

  • Differentiated services : Traffic conditioning and classification at the edge of the Network

    • Assured Forwarding and Expedited Forwarding PHB

      Based on DS-field or five-tuple [DestAddress, ProtocolID, DestPort, SourceAddress, SourcePort] –Host need not support use of DS-field

      6WIND EDGE Device, Ericsson Telebit AXI 462

WP6 – D2


Support for multimedia conferencing in 6winit networks sip gateways tzi

Support for Multimedia Conferencingin 6WINIT NetworksSIP Gateways, TZI

  • General functionality

    • Support for call signalling and media gatewaying/forwarding functions wrt to heterogeneous networks

  • Some usage scenarios:

    • IP telephony call from wired IPv4 network to an endpoint in a wireless IPv6 network

    • Conference bridge

      • Accommodate heterogeneous end systems

      • Call control functionality

      • Media transformation

    • IP Telephony calls with PSTN endpoints

      • PSTN gateways (signalling and media transport)

WP6 – D2

Source: D. Kutscher /TZI


6winit deployment scenarios

6WINIT Deployment Scenarios

  • Mobile ambulance

    • Audio and video conferencing

    • Not over GPRS 

  • Multimedia conferencing at hospital sites(IP-Telephony)

    • Basic telephony services with IPv4/IPv6 interoperability

    • Conferencing services for workgroups

    • PSTN-Gateways

WP6 – D2

Source: D. Kutscher /TZI


Wp6 components usages requirements and availability karen egede nielsen ericsson telebit

Signalling Protocol

SIP

H.323

ControllerAndSignallingGateway

Controller

PolicyModules

ControlApplets

Control Protocol

Controller

Media(Transcoding)Gateway

IPv4->IPv6

Transcoder

Media Stream

Mixer

WP6 – D2

Source: D. Kutscher /TZI


Status

Status

  • Media processor available as a first prototype

    • Basic relaying functionality

      • IPv4  IPv6

      • Multicast Unicast

    • Transcoding

    • Mixing currently being implemented

  • Signalling/control components

    • Adaptation work in progress

      • Porting SIP and H.323 modules to IPv6

    • Some infrastructure work has been finished

      • Mbus etc.

  • Plattform & Programming Language:

    • Unix (so far), C++

WP6 – D2

Source: D. Kutscher /TZI


  • Login