master thesis supporting ipv6 host based multihoming
play

Master Thesis Supporting IPv6 host-based multihoming (shim6) in - PowerPoint PPT Presentation

Sep 23, 2023 •102 likes •422 views

Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch

  1. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch December 20, 2010 Christoph Paasch Master Thesis - Shim6-firewall

  2. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Theoretic overview 1 Shim6 and Firewalls: Problem statement 2 Implementation 3 Performance evaluation 4 Configuring a shim6-firewall 5 Conclusion 6 Christoph Paasch Master Thesis - Shim6-firewall

  3. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Theoretic overview 1 Multihoming Shim6 Statefull firewall Shim6 and Firewalls: Problem statement 2 Design of the shim6 firewall Implementation 3 Shim6-firewall architecture Performance evaluation 4 Configuring a shim6-firewall 5 Conclusion 6 Christoph Paasch Master Thesis - Shim6-firewall

  4. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Multihoming Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  5. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Multihoming Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  6. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Multihoming Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  7. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Shim6 Supporting IPv6 host-based multihoming ( shim6 ) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  8. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Shim6 Supporting IPv6 host-based multihoming ( shim6 ) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  9. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Shim6 Supporting IPv6 host-based multihoming ( shim6 ) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  10. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Shim6 Supporting IPv6 host-based multihoming ( shim6 ) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  11. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Shim6 Separate Locators from Identifiers. Identifier Identifies a connection and is passed to the upper layer protocols. Locators Used inside the packet. Christoph Paasch Master Thesis - Shim6-firewall

  12. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Shim6 Shim6 control messages Establish the shim6 session Assure connectivity Switch locators Shim6 payload messages Transport payload-data, tagged with the context tag Christoph Paasch Master Thesis - Shim6-firewall

  13. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Statefull firewall Supporting IPv6 host-based multihoming(shim6) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  14. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Statefull firewall Supporting IPv6 host-based multihoming(shim6) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  15. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Statefull firewall Supporting IPv6 host-based multihoming(shim6) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  16. Theoretic overview Shim6 and Firewalls: Problem statement Multihoming Implementation Shim6 Performance evaluation Statefull firewall Configuring a shim6-firewall Conclusion Statefull firewall Supporting IPv6 host-based multihoming(shim6) in Linux Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  17. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Design of the shim6 firewall Performance evaluation Configuring a shim6-firewall Conclusion Theoretic overview 1 Multihoming Shim6 Statefull firewall Shim6 and Firewalls: Problem statement 2 Design of the shim6 firewall Implementation 3 Shim6-firewall architecture Performance evaluation 4 Configuring a shim6-firewall 5 Conclusion 6 Christoph Paasch Master Thesis - Shim6-firewall

  18. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Design of the shim6 firewall Performance evaluation Configuring a shim6-firewall Conclusion Shim6 vs. Stateful Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  19. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Design of the shim6 firewall Performance evaluation Configuring a shim6-firewall Conclusion Shim6 vs. Stateful Firewalls Christoph Paasch Master Thesis - Shim6-firewall

  20. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Design of the shim6 firewall Performance evaluation Configuring a shim6-firewall Conclusion Solution Associate the new flow to the original state Track shim6 context establishment Map Context Tag to the pair of identifiers Problems Shim6 does not allow support of each feature in stateful firewalls. Shim6 needs to be changed. Christoph Paasch Master Thesis - Shim6-firewall

  21. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Shim6-firewall architecture Performance evaluation Configuring a shim6-firewall Conclusion Theoretic overview 1 Multihoming Shim6 Statefull firewall Shim6 and Firewalls: Problem statement 2 Design of the shim6 firewall Implementation 3 Shim6-firewall architecture Performance evaluation 4 Configuring a shim6-firewall 5 Conclusion 6 Christoph Paasch Master Thesis - Shim6-firewall

  22. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Shim6-firewall architecture Performance evaluation Configuring a shim6-firewall Conclusion Shim6-Firewall architecture Christoph Paasch Master Thesis - Shim6-firewall

  23. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Shim6-firewall architecture Performance evaluation Configuring a shim6-firewall Conclusion Shim6-Firewall architecture Christoph Paasch Master Thesis - Shim6-firewall

  24. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Theoretic overview 1 Multihoming Shim6 Statefull firewall Shim6 and Firewalls: Problem statement 2 Design of the shim6 firewall Implementation 3 Shim6-firewall architecture Performance evaluation 4 Configuring a shim6-firewall 5 Conclusion 6 Christoph Paasch Master Thesis - Shim6-firewall

  25. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Test Setup Creation of a huge number of firewall-states Delay measured that the firewall introduces Christoph Paasch Master Thesis - Shim6-firewall

  26. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Session Initiation messages Delay introduced by the firewall for shim6/TCP state initiation messages 100 TCP-syn on shim6-firewall I1-message on shim6-firewall TCP-syn on clean Kernel 90 80 70 Delay in micro-seconds 60 50 40 30 20 10 0 50000 100000 150000 200000 250000 300000 Number of states created Christoph Paasch Master Thesis - Shim6-firewall

  27. Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Theoretic overview 1 Multihoming Shim6 Statefull firewall Shim6 and Firewalls: Problem statement 2 Design of the shim6 firewall Implementation 3 Shim6-firewall architecture Performance evaluation 4 Configuring a shim6-firewall 5 Conclusion 6 Christoph Paasch Master Thesis - Shim6-firewall

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On the Cost of Supporting Mobility and Multihoming Mobility and Multihoming Vatche Ishakian,

On the Cost of Supporting Mobility and Multihoming Mobility and Multihoming Vatche Ishakian,

On the Cost of Supporting Mobility and Multihoming Mobility and Multihoming Vatche Ishakian, Ibrahim Matta, Joseph Akinwumi Computer Science Boston University I. Matta 1 Mobility = Dynamic Multihoming Mobility Dynamic Multihoming Hosts

404 views • 24 slides
IPv6 Site Multihoming: Now What? (A view on what we should be doing now)

IPv6 Site Multihoming: Now What? (A view on what we should be doing now)

IPv6 Site Multihoming: Now What? (A view on what we should be doing now) draft-savola-multi6-nowwhat-00.txt Pekka Savola, CSC/FUNET Now WHAT? Now WHAT? Assumptions One size fits all solutions are only possible in fantasy or a long term

108 views • 8 slides
Host profiling based on remote measurements Robert Kulzer Advisor: Ralph Holz Master Thesis

Host profiling based on remote measurements Robert Kulzer Advisor: Ralph Holz Master Thesis

Host profiling based on remote measurements Robert Kulzer Advisor: Ralph Holz Master Thesis Chair for Network Architectures and Services Technische Universit at M unchen January 9, 2013 Robert Kulzer (TU M unchen) Host profiling

1.55k views • 24 slides
Discussion on Host-based IPv6 Translation denghui@chinamobile.com Outline Conventional IPv4

Discussion on Host-based IPv6 Translation denghui@chinamobile.com Outline Conventional IPv4

Discussion on Host-based IPv6 Translation denghui@chinamobile.com Outline Conventional IPv4 application support Network scenarios Why we need host based translation Vs DS Lite, NAT64, Double NAT Signaling procedure of

310 views • 20 slides
Master of Statistics Thesis Milestones in Toledo A short introduction for the Master thesis

Master of Statistics Thesis Milestones in Toledo A short introduction for the Master thesis

Master of Statistics Thesis Milestones in Toledo A short introduction for the Master thesis student 2018-2019 1 Purpose of the Master's thesis Milestones The different milestone forms offer you (the student), your supervisor(s) and the

496 views • 17 slides
SDN-based defense against known IPv6 link-layer attacks Bachelors thesis final talk Andres

SDN-based defense against known IPv6 link-layer attacks Bachelors thesis final talk Andres

Fakultt fr Informatik Technische Universitt Mnchen SDN-based defense against known IPv6 link-layer attacks Bachelors thesis final talk Andres Rauschecker Advisor: Lukas Schwaighofer Supervisor: Prof. Dr.-Ing. Georg Carle Chair of

402 views • 26 slides
IPv6 TLS Security Scanning Master Thesis Intermediate Talk Pirmin Blanz 28.09.2016 Chair of

IPv6 TLS Security Scanning Master Thesis Intermediate Talk Pirmin Blanz 28.09.2016 Chair of

Chair of Network Architectures and Services Technical University of Munich IPv6 TLS Security Scanning Master Thesis Intermediate Talk Pirmin Blanz 28.09.2016 Chair of Network Architectures and Services Department of Informatics Technical

188 views • 15 slides
Masters Thesis Information SoC Master Program, year 2 SoC Master Program, year 2 Elena

Masters Thesis Information SoC Master Program, year 2 SoC Master Program, year 2 Elena

Masters Thesis Information SoC Master Program, year 2 SoC Master Program, year 2 Elena Dubrova November 19, 2008 Outline Goals and Evaluation Master thesis course Checklist Requirements Thesis report Link to

623 views • 20 slides
Networking Updates Roopa Prabhu Aug 14, 2020 Linux Kernel dataplane for an Open standards based

Networking Updates Roopa Prabhu Aug 14, 2020 Linux Kernel dataplane for an Open standards based

Networking Updates Roopa Prabhu Aug 14, 2020 Linux Kernel dataplane for an Open standards based multihoming protocol 2 Traditional Multihoming peerlink switch2 switch1 Host2 Host1 3 Open Multihoming solution with VxLAN Overlay E-VPN

673 views • 11 slides
How to write a Master's Thesis PhDr. Ing. Antonn Pavlek, Ph.D. PREPARATION Students

How to write a Master's Thesis PhDr. Ing. Antonn Pavlek, Ph.D. PREPARATION Students

How to write a Master's Thesis PhDr. Ing. Antonn Pavlek, Ph.D. PREPARATION Students learning how to write a Master's Thesis should first focus on a central thesis question it must be presented and subsequently answered. A

665 views • 17 slides
Master Thesis Preparations: Modelling and Identification of the HalfWing Jonas Schlagenhauf

Master Thesis Preparations: Modelling and Identification of the HalfWing Jonas Schlagenhauf

Master Thesis Preparations: Modelling and Identification of the HalfWing Jonas Schlagenhauf September 5, 2016 1 / 1 Objective of the master thesis NMPC of a constrained model airplane Develop system and tools Record data

517 views • 14 slides
Security of IPv6 and DNSSEC for penetration testers Vesselin Hadjitodorov Master education

Security of IPv6 and DNSSEC for penetration testers Vesselin Hadjitodorov Master education

Security of IPv6 and DNSSEC for penetration testers Vesselin Hadjitodorov Master education System and Network Engineering June 30, 2011 Agenda Introduction DNSSEC security IPv6 security Conclusion Questions Security of IPv6

625 views • 33 slides
A Code-Based Cryptosystem using GRS Codes Violetta Weger University of Zurich Master Thesis

A Code-Based Cryptosystem using GRS Codes Violetta Weger University of Zurich Master Thesis

A Code-Based Cryptosystem using GRS Codes Violetta Weger University of Zurich Master Thesis Presentation Seminar Coding Theory and Cryptography 07 December 2016 Violetta Weger Code-based Cryptosystem using GRS Codes Outline 1 Motivation 2

1.31k views • 61 slides
Public IPv4 over Access IPv6 Network draft-cui-softwire-host-4over6-04 Y. Cui, J. Wu, P . Wu

Public IPv4 over Access IPv6 Network draft-cui-softwire-host-4over6-04 Y. Cui, J. Wu, P . Wu

Public IPv4 over Access IPv6 Network draft-cui-softwire-host-4over6-04 Y. Cui, J. Wu, P . Wu Tsinghua Univ. C. Metz Cisco Systems O. Vautrin Juniper Networks Y. Lee Comcast Outline Introduction Basic idea & use cases

824 views • 16 slides
IPv6: Where are we in 2017? Based on Internet Society 2017 report

IPv6: Where are we in 2017? Based on Internet Society 2017 report

IPv6: Where are we in 2017? Based on Internet Society 2017 report https://www.internetsociety.org/doc/state-ipv6-deployment-2017 June 6, 2017 History of IPv6 1990: IETF realized that IPv4 address space would run out Took steps to

588 views • 25 slides
Enterprise Multihoming using Provider-Assigned Addresses without Network Prefix Translation:

Enterprise Multihoming using Provider-Assigned Addresses without Network Prefix Translation:

Enterprise Multihoming using Provider-Assigned Addresses without Network Prefix Translation: Requirements and Solution Draft-bowbakova-rtgwg-enterprise-pa-multihoming-00 F. Baker, C. Bowers, J. Linkova IETF96, Berlin, July 2016 1 Problems

422 views • 31 slides
Intelligent Locker Classification Barcode Lockers RFID Card Lockers Password Lockers Key

Intelligent Locker Classification Barcode Lockers RFID Card Lockers Password Lockers Key

Intelligent Locker Classification Barcode Lockers RFID Card Lockers Password Lockers Key Lockers Fingerprint Lockers On-line Lockers Intelligent Mailbox Intelligent Locker Common Features Flexible configuration: Building block design,

190 views • 16 slides
Status of Grid Computing in India P.S.Dhekne, India Coordinator LCG May 2, 2006 P.S.Dhekne, BARC

Status of Grid Computing in India P.S.Dhekne, India Coordinator LCG May 2, 2006 P.S.Dhekne, BARC

Status of Grid Computing in India P.S.Dhekne, India Coordinator LCG May 2, 2006 P.S.Dhekne, BARC Talk at ISGS 2006 Taiwan 1 Mega Science Projects Todays science is based on worldwide collaborations by sharing computations, data and

755 views • 31 slides
Is it time to rewrite the operating system in Rust? Bryan Cantrill CTO bryan@joyent.com

Is it time to rewrite the operating system in Rust? Bryan Cantrill CTO bryan@joyent.com

Is it time to rewrite the operating system in Rust? Bryan Cantrill CTO bryan@joyent.com @bcantrill Spoiler alert What even is the operating system? The operating system is harder to define than it might seem For every definition,

239 views • 23 slides
Day 3 Agenda for Today Formulate simple problem statement Revisit the workload

Day 3 Agenda for Today Formulate simple problem statement Revisit the workload

Day 3 Agenda for Today Formulate simple problem statement Revisit the workload characterization problem. Present detailed (step by step) derivation of the workload. Workload Modeling Workload modeling is used to generate

554 views • 39 slides
Creating a Multimedia Presentation Using PowerPoint Slides to Enhance Your Profile of an

Creating a Multimedia Presentation Using PowerPoint Slides to Enhance Your Profile of an

Creating a Multimedia Presentation Using PowerPoint Slides to Enhance Your Profile of an Influential Person Project Summary: When a California company called Forethought, Inc. developed the PowerPoint software program in 1984, they changed forever

213 views • 3 slides
Team Multimedia Presentation Checklist

Team Multimedia Presentation Checklist

Team Multimedia Presentation Checklist

382 views • 3 slides
M U L T I M E D I A I N T E R N A T I O N A L Look x Novena The Look team has partnered We

M U L T I M E D I A I N T E R N A T I O N A L Look x Novena The Look team has partnered We

M U L T I M E D I A I N T E R N A T I O N A L Look x Novena The Look team has partnered We engage in concept, consulting, with Novena Digital Media planning, design, and production of Studio to colloborate on multimedia projects, digital media

461 views • 17 slides
Cross-Layer Wireless Multimedia Transmission: Challenges, Principles and New Paradigms Mihaela

Cross-Layer Wireless Multimedia Transmission: Challenges, Principles and New Paradigms Mihaela

Cross-Layer Wireless Multimedia Transmission: Challenges, Principles and New Paradigms Mihaela Van Scharr, Sai Shankar Overview of Presentation Multimedia transmission in wireless networks. Part 1: meeting QoS constraints Part 2:

288 views • 26 slides

More recommend