
Multi-Subnet MANETs draft-thaler-autoconf-multisubnet-manets-00.txt

Multi-Subnet MANETs (draft-thaler-autoconf-multisubnet-manets-00.txt). Dave Thaler, dthaler@microsoft.com. Goals: support multiple addresses per MANET router (RFC3041 addresses, CGAs, HBAs, etc.); support non-MANET clients attached to MANET routers; even support MANET as transit if desired.


Presentation Transcript


  1. Multi-Subnet MANETs
     draft-thaler-autoconf-multisubnet-manets-00.txt
     Dave Thaler, dthaler@microsoft.com
     IETF 65

  2. Goals
     • Support multiple addresses per MANET router
       • RFC3041 addresses
       • CGAs, HBAs
       • Etc.
     • Support non-MANET clients attached to MANET routers
     • Even support MANET as transit if desired
     • Don’t break assumptions that many upper-layer applications and protocols are based on
       • See draft-thaler-intarea-multilink-subnet-issues-00.txt
       • TTL 1 goes across subnet
       • Link-scoped unicast/multicast goes across subnet
       • If interface claims to be broadcast capable, then app mcast/bcast seen by all receivers on subnet
     • Use existing MANET/AUTOCONF protocols with little/no changes

  3. Architecture
     • MANET routing protocol and AUTOCONF configuration protocol work within MANET environment
     [Figure labels: Internet gateway (×2), MANET, Clients (×4)]

  4. Let’s look at a non-MANET example:
     • Address assigned to loopback interface is used for communication
     • Session stays up across loss of a path (e.g. interface down)
     • Solution relies on forwarding being enabled
     [Figure labels: BGP Router (Loopback0 1.1.1.1), BGP Router (Loopback0 2.2.2.2), peering session, multiple paths]

  5. Multi-subnet MANET architecture
     • MANET environment uses a site (not subnet) prefix
     • Assign a prefix to each MANET router
       • AUTOCONF protocol allocates prefixes, not addresses
       • Supports multiple addresses, clients, etc.
     • Assign the prefix to a loopback interface
       • or to a non-MANET interface (e.g., if it has clients)
     • MANET node picks address(es) in that prefix as it would on any other interface
     • MANET interface(s):
       • Unnumbered (IPv4)
       • Link-local address only (IPv6)
     • MANET routing protocol exchanges prefix routes

  6. What do applications/protocols running on the MANET node see?
     • Primary subnet = one link
       • That link contains itself, plus any non-MANET clients
       • TTL=1 or 255 works as expected
       • Multicast/broadcast works as expected
       • Upper layer apps/protocols “just work”
     • Wireless link has no subnet prefix
       • That link contains itself plus all neighboring MANET routers (broadcast == “MANETcast”)
       • Since it has no global addresses, apps/protocols generally ignore it
     • Communication across the entire MANET would be site-scoped multicast
       • May or may not be supported, just like in non-MANET environment

  7. Impact on protocol design
     • MANET routing protocol:
       • As long as it supports prefixes, no change
       • “MANETcast” = normal bcast / link-scoped mcast on wireless link
     • AUTOCONF configuration protocol:
       • Must be capable of allocating a unique prefix rather than a single address
       • Should still detect duplicate layer-2 addresses
       • Should still detect duplicate IPv6 link-local addresses

  8. Security Impact
     • Unchanged:
       • Need to secure routing protocol
       • Need to secure configuration protocol
     • Better:
       • Reduces scope of on-link attacks in various protocols
       • Doesn’t change assumptions other protocols use for security
         • ND, etc. using TTL=255 check
         • SEND works as is
       • Narrower scope of link/subnet also makes social mitigations easier
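An added illustration of slides 5, 7 and 8, not taken from the presentation or the draft: a site prefix is carved into one unique prefix per MANET router, duplicate allocations are detected, destinations are resolved by longest-prefix match over the advertised prefix routes, and the ND hop-limit check still separates on-link from forwarded packets because each subnet stays one link. The site prefix, router names and all function and class names are assumptions made for the example.

```python
import ipaddress

# Constructed site prefix (IPv6 documentation range), not from the slides.
SITE_PREFIX = ipaddress.ip_network("2001:db8:aa00::/48")

class PrefixAllocator:
    """Hypothetical allocator: one unique /64 per MANET router."""
    def __init__(self, site, new_prefix=64):
        self._pool = site.subnets(new_prefix=new_prefix)
        self.leases = {}

    def allocate(self, router_id):
        # A repeated request returns the existing lease, not a second prefix.
        if router_id not in self.leases:
            self.leases[router_id] = next(self._pool)
        return self.leases[router_id]

def find_conflicts(advertised):
    """Pairs of routers whose advertised prefixes overlap."""
    items = sorted(advertised.items())
    return [(a, b) for i, (a, pa) in enumerate(items)
            for b, pb in items[i + 1:] if pa.overlaps(pb)]

def next_hop(advertised, dst):
    """Longest-prefix match over the prefix routes; None if off-site."""
    addr = ipaddress.ip_address(dst)
    hits = [(p.prefixlen, r) for r, p in advertised.items() if addr in p]
    return max(hits)[1] if hits else None

def hop_limit_on_arrival(routers_crossed, sent=255):
    """Each forwarding router decrements the hop limit by one."""
    return sent - routers_crossed

def nd_accept(hop_limit):
    """ND receive check (RFC 4861): only an unforwarded packet still has 255."""
    return hop_limit == 255

if __name__ == "__main__":
    alloc = PrefixAllocator(SITE_PREFIX)
    routes = {r: alloc.allocate(r) for r in ("A", "B", "C")}
    print(routes, next_hop(routes, "2001:db8:aa00:1::50"))
    routes["D"] = routes["B"]  # constructed duplicate allocation
    print(find_conflicts(routes))
    print(nd_accept(hop_limit_on_arrival(0)), nd_accept(hop_limit_on_arrival(1)))
```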
