IPv6 Routing Protocol for Low power
and Lossy Networks



               draft-ietf-roll-rpl-19
    draft-ietf-6man-rpl-routing-header-07


                 Andrew Williams
                Sheetal Kshirsagar
Agenda
• Overview of RPL -
   o   Topology/Topology Construction
   o   Types of Routes
   o   Traffic Flows supported
   o   Overview of control messages (high level)
         DIS, DIO, DAO, DAO-ACK, CC
   o   Upward/Downward route creation and maintenance
• Overview of Source-Routing Headers for RPL
   o   Format of header
   o   RPL Router Behavior
   o   Security Considerations
• Initial Project Plan
   o   What's already been done
   o   List messages we will have to decode,
Definitions
• Low power and Lossy Networks (LLN)
   o Network where routers and links are constrained
• IPv6 Routing Protocol for LLN (RPL)
   o Mechanism for routing traffic flows in LLNs
Survey of Routing Protocols




Source: Siarhei Kuryla, Networks and Distributed Systems seminar,
http://cnds.eecs.jacobs-university.de/courses/nds-2010/kuryla-rpl.pdf
Topology
• Forms one or more Destination Oriented Directed Acyclic
  Graphs (DODAGs) between nodes




    Source: Siarhei Kuryla, Networks and Distributed Systems seminar,
    http://cnds.eecs.jacobs-university.de/courses/nds-2010/kuryla-rpl.pdf
Topology/Topology Construction
• An LLN is divided into one or more RPL Instances
• Each instance may have one or more DODAGs
• Each node joins one DODAG per RPL Instance

• Each RPL Instance has an Objective Function used to rank
  nodes based on different metrics
• Rank is the distance a node is from a DODAG root
• Links established from higher rank nodes to lower rank ones

• Each DODAG has a version; when changes occur the ranks
  are recalculated and the version is incremented (initiated by
  the DODAG root)
Topology Construction (Visually)




Source: Siarhei Kuryla, Networks and Distributed Systems seminar,
http://cnds.eecs.jacobs-university.de/courses/nds-2010/kuryla-rpl.pdf
Routes in RPL
• Upward Routes
  o Routes from nodes towards root
  o Learned during ranking/parent selection through control
    messages (DIO)
• Downward Routes
  o Routes away from root towards node, learned via control
    messages (DAO)
  o Handle according to RPL Instance mode of operation:
  o Storing Mode
      Nodes may store the down routes, route packets down
  o Non-Storing Mode
      Only root stores routes, all packets go to root and
       source routed down
Traffic Flows Supported
• Multipoint-to-Point (MP2P)
  o Ex: One node providing a sink for many
  o Uses up routes


• Point-to-Multipoint (P2MP)
  o Ex: Firmware update sent to all nodes
  o Uses down routes toward destinations (prefixes,
    addresses, or multicast groups), and away from roots
• Point-to-Point (P2P)
  o A packet flows towards a root through up routes until it
    reaches an ancestor that has a known down route to the
    destination or the root.
Overview of Control Messages




• Uses ICMPv6 with Type = 155
• Code specifies type of control message
• Base is where the message goes
Control Message Bases
•   DODAG Information Solicitation (DIS)
•   DODAG Information Object (DIO)
•   Destination Advertisement Object (DAO)
•   Destination Advertisement Object ACK (DAO-ACK)
•   Consistency Check (CC)
Overview of Control Messages - DIS




• DODAG Information Solicitation (DIS)
• Used to probe neighbors for nearby DODAGs
• Can be used to solicit DIO messages
Overview of Control Messages - DIO




• DODAG Information Object (DIO)
• Allows nodes to discover an RPL Instance, learn the
  configuration parameters, select a DODAG parent, and
  maintain the DODAG
Overview of Control Messages - DAO




•   Destination Advertisement Object (DAO)
•   Sends node information to the DODAG root
•   K - A DAO-ACK is expected
•   D - DODAGID field is present
Overview of Control Messages -
  DAO-ACK




• Destination Advertisement Object ACK (DAO-ACK)
• DAOSequence - Corresponds to DAO message
Overview of Control Messages - CC




• Consistency Check
• Used for challenges/responses and for checking secure
  message counters
• Must be sent using the Secure RPL Message format
Secure Control Messages




• Each control message also has a secure version
• Security section above included in message (before base)
• Provides integrity and replay protection, with optional
  confidentiality and delay protection
Control Message Options
• PAD1
  o Add single octet of padding for option alignment
• PADN
  o Add two or more octets for padding
• Metric Container (DIO, DAO)
  o Pass node, link, and aggregate path metrics
• Route Information (DIO)
  o Indicates that the DODAG root has connectivity to a
    destination prefix
• DODAG Configuration (DIO)
  o Distributes information about the DODAG
  o Usually static, so doesn't need to be sent with each DIO
Control Message Options (2)
• RPL Target (DAO)
   o Indicates a specified target IPv6 address, prefix, or
     multicast group is reachable along the DODAG
• Transit Information (DAO)
   o Indicates attributes for paths to one or more destinations
• Solicited Information (DIS)
   o Used for a node to request DIO messages from a subset
     of neighbor nodes
• Prefix Information (DIO)
   o Propagates prefix information for State-Less Address
     Auto-Conf
• RPL Target Descriptor (DAO)
   o Used to qualify/tag a target
Upward Route Creation / Node
Joining
• Node determines which DODAG is most preferred
• Builds a set of potential neighbors using DIO messages
  o Must be reachable via link-local multicast
• Determines a subset of neighbors that are potential parents
• Determines one or more preferred parents
• Sets its rank as being greater than the parent's rank
• Upward route is through the parent
Downward Route Creation
• Nodes send DAO messages upward
• In storing mode, nodes along the upward path can store
  routes to these destinations and send DAO upward
• Downward Routes constructed by recursively looking up
  parent nodes until the node is found
Security Mechanisms
• 3 Security modes for an RPL Instance:
   o Unsecured - Regular control messages, no security
     provided by RPL
   o Pre-Installed - Secure control messages using a pre-
     shared key
   o Authenticated - Secure control messages using a pre-
     shared key, must obtain a second key from a key
     authority to be a router
• MAC or Signature used to provide message
  integrity/authentication
• Optional encryption using CCM with AES-128 encryption
• Counters and Timestamps to prevent replay/timing attacks
Loop Avoidance
• Detects DAG inconsistencies at each node if:
   o downward packet received from higher ranked node
   o upward packet received from lower ranked node
• Detects DAO inconsistencies (incorrect down routes stored
  at nodes) if:
   o node receives a packet for which it is no longer the
     parent
Agenda
• Overview of RPL -
   o   Topology/Topology Construction
   o   Types of Routes
   o   Traffic Flows supported
   o   Overview of control messages (high level)
         DIS, DIO, DAO, DAO-ACK, CC
   o   Upward/Downward route creation and maintenance
• Overview of Source-Routing Headers for RPL
   o   Format of header
   o   RPL Router Behavior
   o   Security Considerations
• Initial Project Plan
   o   What's already been done
   o   List messages we will have to decode,
IPv6 Routing Header for Source
Routes
 • RPL relies on source routing to utilize paths that include
   memory constrained routers

 • Needed to support downward routes in RPL instances using
   Non-Storing Mode
   o source routes populated by DODAG root


 • SRH header is similar to the IPv6 header described in
   RFC2460

 • SRH allows compaction of source route entries when all
   entries share same prefix
Source Routing for RPL
• Source routes specified can be:
  o The entire path from source to destination
  o Subset of actual path between Source to Destination


• SRH can only be used between RPL Instances

• RPL Border routers responsible for connecting to other RPL
  Routers
  o IPv6-in-IPv6


• RPL Router drops datagram if
  o the SRH contains multiple addresses assigned to any
    interface on that router
SRH Case 1
• SRH specifies complete path between source to destination




• Router places source header directly in datagram
SRH Case 2
• Occurs when source and/or destination are outside RPL
  instance
• R is the RPL Border Router
Format of RPL Routing Header
Generating Source Route Headers
• if source and destination in same instance
   o router includes SRH header in original packet


• if source and/or destination in different instance
   o router uses IPv6-in-IPv6


• RPL router must set segments left to no greater than original
  datagram's Hop Limit
   o what if the source route is longer than the IPv6 hop limit?


• If RPL router is not a source of the datagram, it first
  decrements Hop Count and then generates SRH

• Desirable to consider path MTU size to prevent performance
  degradation due to fragmentation
   o data size + 40(outer IP header) + SRH_MAX_SIZE
Processing Source Route Headers
• Processed when packet reaches node identified by
  destination address field.
• Processing header:
   o destination address = next hop's address
   o if segments left non-zero and destination address not on
     link
            packet must be dropped
            send ICMP destination unreachable error message
     else
            packet is forwarded
   o detect loop
            if SRH contains multiple addresses assigned to any
            interface on that router, drop packet
            send ICMP parameter problem error message
Security Considerations
• Does not specify any confidentiality, integrity or authenticity
  mechanism.
• RPL routers must drop datagram containing SRH in the IPv6
  extension header.
• Vulnerable to attacks from inside RPL instance.

• Bandwidth exhaustion attack handled by loop detection
  mechanism

• Possible attacks
  o Bypassing filtering devices
  o reaching otherwise unreachable internet system
  o defeating anycast
  o routing topology discovery
IANA Consideration
• New source routing type "RPL Source Route Header"
  defined
   o assigned number TBD by IANA


• New ICMPv6 Destination unreachable code defined
  o Strict Source Routing Failed
  o assigned number TBD by IANA
What's already been done
• Wireshark filters for the control messages (ICMPv6) from
  the main RFC

• Support for version 3 of the SRH RFC
  (currently version 7)
What we plan to implement
• Update Source Route Header (SRH) dissecting capabilities
• Ensure decoding works with IPv6-in-IPv6 encapsulated
  packets where SRH is in the outer IPv6 packet

• Show errors visually
  o IPv6 addresses must not appear more than once in the SRH
  o IPv6 source and destination must not appear in the SRH
  o Multicast IPv6 addresses must not appear in the SRH or as the destination
    of an IPv6 packet with an SRH
  o If CmprI == 0 and CmprE == 0, Pad must == 0


• Highlight circumstances where messages must be dropped
  and ICMPv6 error messages should be generated
  o   non-zero segments left value and destination not on link
  o   SRH includes multiple addresses assigned to interfaces on a given router
      and messages are separated by at least one interface
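
The SRH checks in the "Show errors visually" list above, as an added Python example that is not code from the slides or from Wireshark. It assumes the header layout of the published RFC 6554 (CmprI, CmprE and Pad as 4-bit fields following Segments Left); build_srh, parse_srh, check_srh and the 2001:db8:: sample packets are constructed for illustration.

```python
import ipaddress
import struct


def build_srh(addrs, cmpr_i, cmpr_e, seg_left, pad=None, next_hdr=59, rtype=3):
    """Encode a constructed SRH for the demo (hypothetical helper).
    rtype=3 is the value in the published RFC 6554; the draft still says TBD."""
    packed = [ipaddress.IPv6Address(a).packed for a in addrs]
    body = b"".join(p[cmpr_i:] for p in packed[:-1]) + packed[-1][cmpr_e:]
    if pad is None:
        pad = -len(body) % 8  # pad the header out to a multiple of 8 octets
    body += bytes(pad)
    word = (cmpr_i << 28) | (cmpr_e << 24) | (pad << 20)
    return struct.pack("!BBBBI", next_hdr, len(body) // 8, rtype, seg_left, word) + body


def parse_srh(srh, ipv6_dst):
    """Return (fields, addresses) with compressed entries expanded.
    Elided leading octets are taken from the packet's IPv6 destination."""
    if len(srh) < 8:
        raise ValueError("SRH shorter than its 8-octet fixed part")
    next_hdr, ext_len, rtype, seg_left, word = struct.unpack("!BBBBI", srh[:8])
    cmpr_i, cmpr_e, pad = word >> 28, (word >> 24) & 0xF, (word >> 20) & 0xF
    body = srh[8:8 + ext_len * 8]
    if len(body) != ext_len * 8:
        raise ValueError("Hdr Ext Len exceeds the captured bytes")
    size_i, size_e = 16 - cmpr_i, 16 - cmpr_e
    # n = ((Hdr Ext Len * 8 - Pad - (16 - CmprE)) / (16 - CmprI)) + 1
    rest = len(body) - pad - size_e
    if rest < 0 or rest % size_i:
        raise ValueError("Hdr Ext Len, Pad, CmprI and CmprE are inconsistent")
    n = rest // size_i + 1
    prefix = ipaddress.IPv6Address(ipv6_dst).packed
    addrs = []
    for i in range(n):
        # Address[1..n-1] elide CmprI octets, Address[n] elides CmprE octets.
        cmpr, size = (cmpr_i, size_i) if i < n - 1 else (cmpr_e, size_e)
        off = i * size_i
        addrs.append(ipaddress.IPv6Address(prefix[:cmpr] + body[off:off + size]))
    fields = {"routing_type": rtype, "segments_left": seg_left,
              "cmpr_i": cmpr_i, "cmpr_e": cmpr_e, "pad": pad}
    return fields, addrs


def check_srh(srh, ipv6_src, ipv6_dst):
    """Return a list of findings for the four checks listed on the slide."""
    src = ipaddress.IPv6Address(ipv6_src)
    dst = ipaddress.IPv6Address(ipv6_dst)
    try:
        fields, addrs = parse_srh(srh, ipv6_dst)
    except ValueError as exc:
        return [f"malformed: {exc}"]
    findings, seen = [], set()
    for a in addrs:  # an address must not appear more than once
        if a in seen:
            findings.append(f"duplicate address {a}")
        seen.add(a)
    for role, a in (("source", src), ("destination", dst)):
        if a in seen:  # packet source/destination must not be listed
            findings.append(f"IPv6 {role} {a} appears in SRH")
    for a in addrs:  # no multicast entries, no multicast destination
        if a.is_multicast:
            findings.append(f"multicast address {a} in SRH")
    if dst.is_multicast:
        findings.append(f"multicast destination {dst} on packet with SRH")
    if fields["cmpr_i"] == 0 and fields["cmpr_e"] == 0 and fields["pad"] != 0:
        findings.append(f"Pad must be 0 when CmprI == 0 and CmprE == 0 "
                        f"(got {fields['pad']})")
    return findings


# Constructed sample packets (documentation prefix 2001:db8::/32).
SRC, DST = "2001:db8::1", "2001:db8::a"
GOOD = build_srh(["2001:db8::b", "2001:db8::c"], 14, 14, 2)
BAD = build_srh(["2001:db8::b", "2001:db8::b", "ff02::1a", "2001:db8::1"], 0, 0, 4)
BAD_PAD = build_srh(["2001:db8::b", "2001:db8::c"], 0, 0, 2, pad=8)

if __name__ == "__main__":
    for name, srh in (("GOOD", GOOD), ("BAD", BAD), ("BAD_PAD", BAD_PAD)):
        print(name, check_srh(srh, SRC, DST) or "ok")
```
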
Questions?
Sources
http://tools.ietf.org/html/draft-ietf-6man-rpl-routing-header-07
http://tools.ietf.org/html/draft-ietf-roll-rpl-19
http://cnds.eecs.jacobs-university.de/courses/nds-2010/kuryla-rpl.pdf

Weitere ähnliche Inhalte

Was ist angesagt?

Mpls technology
Mpls technologyMpls technology
Mpls technologyNaveen Sihag
 
Segment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USASegment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USAJose Liste
 
Day 2 IP ROUTING
Day 2 IP ROUTINGDay 2 IP ROUTING
Day 2 IP ROUTINGanilinvns
 
SDH/SONET alarms & performance monitoring
SDH/SONET alarms & performance monitoringSDH/SONET alarms & performance monitoring
SDH/SONET alarms & performance monitoringMapYourTech
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switchingseanraz
 
Cisco Packet Transport Network – MPLS-TP
Cisco Packet Transport Network – MPLS-TPCisco Packet Transport Network – MPLS-TP
Cisco Packet Transport Network – MPLS-TPCisco Canada
 
Segment Routing Lab
Segment Routing Lab Segment Routing Lab
Segment Routing Lab Cisco Canada
 
Mobile ipv6
Mobile ipv6Mobile ipv6
Mobile ipv6Paras Jha
 
6LoWPAN: An open IoT Networking Protocol
6LoWPAN: An open IoT Networking Protocol6LoWPAN: An open IoT Networking Protocol
6LoWPAN: An open IoT Networking ProtocolSamsung Open Source Group
 
Networking Protocols for Internet of Things
Networking Protocols for Internet of ThingsNetworking Protocols for Internet of Things
Networking Protocols for Internet of Thingsrjain51
 
Passive Optical Networks
Passive Optical NetworksPassive Optical Networks
Passive Optical Networksfanttazio
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A TutorialAPNIC
 
MPLS L3 VPN Deployment
MPLS L3 VPN DeploymentMPLS L3 VPN Deployment
MPLS L3 VPN DeploymentAPNIC
 
Implementing cisco mpls
Implementing cisco mplsImplementing cisco mpls
Implementing cisco mplsMatiullah Jamil
 
BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)NetProtocol Xpert
 
Segment Routing for Dummies
Segment Routing for DummiesSegment Routing for Dummies
Segment Routing for DummiesGary Jan
 

Was ist angesagt? (20)

Mpls technology
Mpls technologyMpls technology
Mpls technology
 
6lowpan
6lowpan6lowpan
6lowpan
 
Segment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USASegment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USA
 
Rpl dodag
Rpl dodagRpl dodag
Rpl dodag
 
Day 2 IP ROUTING
Day 2 IP ROUTINGDay 2 IP ROUTING
Day 2 IP ROUTING
 
SDH/SONET alarms & performance monitoring
SDH/SONET alarms & performance monitoringSDH/SONET alarms & performance monitoring
SDH/SONET alarms & performance monitoring
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switching
 
Cisco Packet Transport Network – MPLS-TP
Cisco Packet Transport Network – MPLS-TPCisco Packet Transport Network – MPLS-TP
Cisco Packet Transport Network – MPLS-TP
 
Segment Routing Lab
Segment Routing Lab Segment Routing Lab
Segment Routing Lab
 
Mobile ipv6
Mobile ipv6Mobile ipv6
Mobile ipv6
 
6LoWPAN: An open IoT Networking Protocol
6LoWPAN: An open IoT Networking Protocol6LoWPAN: An open IoT Networking Protocol
6LoWPAN: An open IoT Networking Protocol
 
Networking Protocols for Internet of Things
Networking Protocols for Internet of ThingsNetworking Protocols for Internet of Things
Networking Protocols for Internet of Things
 
Passive Optical Networks
Passive Optical NetworksPassive Optical Networks
Passive Optical Networks
 
OSPF
OSPF OSPF
OSPF
 
The constrained application protocol (CoAP)
The constrained application protocol (CoAP)The constrained application protocol (CoAP)
The constrained application protocol (CoAP)
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A Tutorial
 
MPLS L3 VPN Deployment
MPLS L3 VPN DeploymentMPLS L3 VPN Deployment
MPLS L3 VPN Deployment
 
Implementing cisco mpls
Implementing cisco mplsImplementing cisco mpls
Implementing cisco mpls
 
BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)BGP (Border Gateway Protocol)
BGP (Border Gateway Protocol)
 
Segment Routing for Dummies
Segment Routing for DummiesSegment Routing for Dummies
Segment Routing for Dummies
 

Ă„hnlich wie I pv6 routing_protocol_for_low_power_and_lossy_

1 bonica tutorial_segment_routing
1 bonica tutorial_segment_routing1 bonica tutorial_segment_routing
1 bonica tutorial_segment_routinghptoga
 
5. transistion mechanisum 1
5. transistion mechanisum 15. transistion mechanisum 1
5. transistion mechanisum 1rajataro
 
Final Presentation on the Network layer
Final Presentation on the Network layerFinal Presentation on the Network layer
Final Presentation on the Network layerZee Haak
 
Dik acn presentation
Dik acn presentationDik acn presentation
Dik acn presentationdikshagupta111
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferenceCengage Learning
 
TechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the DatacenterTechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the DatacenterRobb Boyd
 
Part 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGPPart 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGPOlivier Bonaventure
 
CisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecCisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecAreaNetworking.it
 
Internet standard routing protocols
Internet standard routing protocolsInternet standard routing protocols
Internet standard routing protocolsOnline
 
Building day 2 upload Building the Internet of Things with Thingsquare and ...
Building day 2   upload Building the Internet of Things with Thingsquare and ...Building day 2   upload Building the Internet of Things with Thingsquare and ...
Building day 2 upload Building the Internet of Things with Thingsquare and ...Adam Dunkels
 
Routing Protocol in detail
Routing Protocol in detailRouting Protocol in detail
Routing Protocol in detailDil_E_Dastan
 
Link state routing protocol
Link state routing protocolLink state routing protocol
Link state routing protocolAung Thu Rha Hein
 
ROUTING PROTOCOLS new.pptx
ROUTING PROTOCOLS new.pptxROUTING PROTOCOLS new.pptx
ROUTING PROTOCOLS new.pptxAayushMishra89
 
OPEN SHORTEST PATH FIRST (OSPF)
OPEN SHORTEST PATH FIRST (OSPF)OPEN SHORTEST PATH FIRST (OSPF)
OPEN SHORTEST PATH FIRST (OSPF)Ann Joseph
 
bgp(border gateway protocol)
bgp(border gateway protocol)bgp(border gateway protocol)
bgp(border gateway protocol)Noor Ul Hudda Memon
 

Ă„hnlich wie I pv6 routing_protocol_for_low_power_and_lossy_ (20)

1 bonica tutorial_segment_routing
1 bonica tutorial_segment_routing1 bonica tutorial_segment_routing
1 bonica tutorial_segment_routing
 
5. transistion mechanisum 1
5. transistion mechanisum 15. transistion mechanisum 1
5. transistion mechanisum 1
 
1Routing Basics.pdf
1Routing Basics.pdf1Routing Basics.pdf
1Routing Basics.pdf
 
Final Presentation on the Network layer
Final Presentation on the Network layerFinal Presentation on the Network layer
Final Presentation on the Network layer
 
SEGMENT Routing
SEGMENT RoutingSEGMENT Routing
SEGMENT Routing
 
Dik acn presentation
Dik acn presentationDik acn presentation
Dik acn presentation
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing Conference
 
TechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the DatacenterTechWiseTV Workshop: Segment Routing for the Datacenter
TechWiseTV Workshop: Segment Routing for the Datacenter
 
Network Layer Protocol.pptx
Network Layer Protocol.pptxNetwork Layer Protocol.pptx
Network Layer Protocol.pptx
 
Part 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGPPart 10 : Routing in IP networks and interdomain routing with BGP
Part 10 : Routing in IP networks and interdomain routing with BGP
 
CisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsecCisCon 2018 - Overlay Management Protocol e IPsec
CisCon 2018 - Overlay Management Protocol e IPsec
 
Internet standard routing protocols
Internet standard routing protocolsInternet standard routing protocols
Internet standard routing protocols
 
Building day 2 upload Building the Internet of Things with Thingsquare and ...
Building day 2   upload Building the Internet of Things with Thingsquare and ...Building day 2   upload Building the Internet of Things with Thingsquare and ...
Building day 2 upload Building the Internet of Things with Thingsquare and ...
 
Routing Protocol in detail
Routing Protocol in detailRouting Protocol in detail
Routing Protocol in detail
 
Link state routing protocol
Link state routing protocolLink state routing protocol
Link state routing protocol
 
ROUTING PROTOCOLS new.pptx
ROUTING PROTOCOLS new.pptxROUTING PROTOCOLS new.pptx
ROUTING PROTOCOLS new.pptx
 
OPEN SHORTEST PATH FIRST (OSPF)
OPEN SHORTEST PATH FIRST (OSPF)OPEN SHORTEST PATH FIRST (OSPF)
OPEN SHORTEST PATH FIRST (OSPF)
 
Ad hoc
Ad hocAd hoc
Ad hoc
 
bgp(border gateway protocol)
bgp(border gateway protocol)bgp(border gateway protocol)
bgp(border gateway protocol)
 
Network Layer
Network LayerNetwork Layer
Network Layer
 

KĂĽrzlich hochgeladen

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂşjo
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

KĂĽrzlich hochgeladen (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

I pv6 routing_protocol_for_low_power_and_lossy_

  • 1. IPv6 Routing Protocol for Low power and Lossy Networks draft-ietf-roll-rpl-19 draft-ietf-6man-rpl-routing-header-07 Andrew Williams Sheetal Kshirsagar
  • 2. Agenda • Overview of RPL - o Topology/Topology Construction o Types of Routes o Traffic Flows supported o Overview of control messages (high level)  DIS, DIO, DAO, DAO-ACK, CC o Upward/Downward route creation and maintenance • Overview of Source-Routing Headers for RPL o Format of header o RPL Router Behavior o Security Considerations • Initial Project Plan o What's already been done o List messages we will have to decode,
  • 3. Definitions • Low power and Lossy Networks (LLN) o Network where routers and links are constrained • IPv6 Routing Protocol for LLN (RPL) o Mechanism for routing traffic flows in LLNs
  • 4. Survey of Routing Protocols Source: Siarhei Kuryla, Networks and Distributed Systems seminar, http://cnds.eecs.jacobs-university.de/courses/nds-2010/kuryla-rpl.pdf
  • 5. Topology • Forms one or more Destination Oriented Directed Acyclic Graphs (DODAGs) between nodes Source: Siarhei Kuryla, Networks and Distributed Systems seminar, http://cnds.eecs.jacobs-university.de/courses/nds-2010/kuryla-rpl.pdf
  • 6. Topology/Topology Construction • An LLN is divided into one or more RPL Instances • Each instance may have one or more DODAGs • Each node joins one DODAG per RPL Instance • Each RPL Instance has an Objective Function used to rank nodes based on different metrics • Rank is the distance a node is from a DODAG root • Links are established from higher rank nodes to lower rank ones • Each DODAG has a version; when changes occur the ranks are recalculated and the version is incremented (initiated by DODAG root)
  • 7. Topology Construction (Visually) Source: Siarhei Kuryla, Networks and Distributed Systems seminar, http://cnds.eecs.jacobs-university.de/courses/nds-2010/kuryla-rpl.pdf
  • 8. Routes in RPL • Upward Routes o Routes from nodes towards root o Learned during ranking/parent selection through control messages (DIO) • Downward Routes o Routes away from root towards node, learned via control messages (DAO) o Handled according to RPL Instance mode of operation: o Storing Mode: nodes may store the down routes and route packets down o Non-Storing Mode: only root stores routes, all packets go to root and are source routed down
  • 9. Traffic Flows Supported • Multipoint-to-Point (MP2P) o Ex: One node providing a sink for many o Uses up routes • Point-to-Multipoint (P2MP) o Ex: Firmware update sent to all nodes o Uses down routes toward destinations (prefixes, addresses, or multicast groups), and away from roots • Point-to-Point (P2P) o A packet flows towards a root through up routes until it reaches an ancestor that has a known down route to the destination or the root.
  • 10. Overview of Control Messages • Uses ICMPv6 with Type = 155 • Code specifies type of control message • Base is where the message goes
  • 11. Control Message Bases • DODAG Information Solicitation (DIS) • DODAG Information Object (DIO) • DODAG Advertisement Object (DAO) • DODAG Advertisement Object ACK (DAO-ACK) • Consistency Check (CC)
  • 12. Overview of Control Messages - DIS • DODAG Information Solicitation (DIS) • Used to probe neighbors for nearby DODAGs • Can be used to solicit DIO messages
  • 13. Overview of Control Messages - DIO • DODAG Information Object (DIO) • Allows nodes to discover an RPL Instance, learn the configuration parameters, select a DODAG parent, and maintain the DODAG
  • 14. Overview of Control Messages - DAO • Destination Advertisement Object (DAO) • Sends node information to the DODAG root • K - A DAO-ACK is expected • D - DODAGID field is present
  • 15. Overview of Control Messages - DAO-ACK • Destination Advertisement Object ACK (DAO-ACK) • DAOSequence - Corresponds to DAO message
  • 16. Overview of Control Messages - CC • Consistency Check • Used for challenges/responses and for checking secure message counters • Must be sent using the Secure RPL Message format
  • 17. Secure Control Messages • Each control message also has a secure version • Security section above included in message (before base) • Provides integrity and replay protection, with optional confidentiality and delay protection
  • 18. Control Message Options • PAD1 o Add single octet of padding for option alignment • PADN o Add two or more octets for padding • Metric Container (DIO, DAO) o Pass node, link, and aggregate path metrics • Route Information (DIO) o Indicates that the DODAG root has connectivity to a destination prefix • DODAG Configuration (DIO) o Distributes information about the DODAG o Usually static, so doesn't need to be sent with each DIO
  • 19. Control Message Options (2) • RPL Target (DAO) o Indicates a specified target IPv6 address, prefix, or multicast group is reachable along the DODAG • Transit Information (DAO) o Indicates attributes for paths to one or more destinations • Solicited Information (DIS) o Used for a node to request DIO messages from a subset of neighbor nodes • Prefix Information (DIO) o Propagates prefix information for State-Less Address Auto-Conf • RPL Target Descriptor (DAO) o Used to qualify/tag a target
  • 20. Upward Route Creation / Node Joining • Node determines which DODAG is most preferred • Builds a set of potential neighbors using DIO messages o Must be reachable via link-local multicast • Determines a subset of neighbors that are potential parents • Determines one or more preferred parents • Sets its rank as being greater than the parent's rank • Upward route is through the parent
  • 21. Downward Route Creation • Nodes send DAO messages upward • In storing mode, nodes along the upward path can store routes to these destinations and send DAO upward • Downward Routes constructed by recursively looking up parent nodes until the node is found
  • 22. Security Mechanisms • 3 Security modes for an RPL Instance: o Unsecured - Regular control messages, no security provided by RPL o Pre-Installed - Secure control messages using a pre-shared key o Authenticated - Secure control messages using a pre-shared key, must obtain a second key from a key authority to be a router • MAC or Signature used to provide message integrity/authentication • Optional encryption using CCM with AES-128 encryption • Counters and Timestamps to prevent replay/timing attacks
  • 23. Loop Avoidance • Detects DAG inconsistencies at each node if: o downward packet received from higher ranked node o upward packet received from lower ranked node • Detects DAO inconsistencies (incorrect down routes stored at nodes) if: o node receives a packet for which it is no longer the parent
  • 24. Agenda • Overview of RPL - o Topology/Topology Construction o Types of Routes o Traffic Flows supported o Overview of control messages (high level): DIS, DIO, DAO, DAO-ACK, CC o Upward/Downward route creation and maintenance • Overview of Source-Routing Headers for RPL o Format of header o RPL Router Behavior o Security Considerations • Initial Project Plan o What's already been done o List messages we will have to decode,
  • 25. IPv6 Routing Header for Source Routes • RPL relies on source routing to utilize paths that include memory constrained routers • Needed to support downward routes in RPL instances using Non-Storing Mode o source routes populated by DODAG root • SRH header is similar to the IPv6 header described in RFC2460 • SRH allows compaction of source route entries when all entries share same prefix
  • 26. Source Routing for RPL • Source routes specified can be: o The entire path from source to destination o Subset of actual path between source and destination • SRH can only be used between RPL Instances • RPL Border routers responsible for connecting to other RPL Routers o IPv6-in-IPv6 • RPL Router drops datagram if o multiple addresses assigned to any interface on that router
  • 27. SRH Case 1 • SRH specifies complete path between source and destination • Router places source header directly in datagram
  • 28. SRH Case 2 • Occurs when source and/or destination are outside RPL instance • R is the RPL Border Router
  • 29. Format of RPL Routing Header
  • 30. Generating Source Route Headers • if source and destination in same instance o router includes SRH header in original packet • if source and/or destination in different instance o router uses IPv6-in-IPv6 • RPL router must set segments left to no greater than original datagram's Hop Limit o what if the source route is longer than the IPv6 hop limit? • If RPL router is not a source of the datagram, it first decrements Hop Count and then generates SRH • Desirable to consider path MTU size to prevent performance degradation due to fragmentation o data size + 40 (outer IP header) + SRH_MAX_SIZE
  • 31. Processing Source Route Headers • Processed when packet reaches node identified by destination address field. • Processing header: o destination address = next hop's address o if segments left non-zero and destination address not on link: packet must be dropped, send ICMP destination unreachable error message; else packet is forwarded o detect loop: if SRH contains multiple addresses assigned to any interface on that router, drop packet and send ICMP parameter problem error message
  • 32. Security Considerations • Does not specify any confidentiality, integrity or authenticity mechanism. • RPL routers must drop datagram containing SRH in the IPv6 extension header. • Vulnerable to attacks from inside RPL instance. • Bandwidth exhaustion attack handled by loop detection mechanism • Possible attacks o Bypassing filtering devices o reaching otherwise unreachable internet system o defeating anycast o routing topology discovery
  • 33. IANA Consideration • New source routing type "RPL Source Route Header" defined o assigned number TBD by IANA • New ICMPv6 Destination unreachable code defined o Strict Source Routing Failed o assigned number TBD by IANA
  • 34. What's already been done • Wireshark filters for the control messages (ICMPv6) from the main RFC • Support for version 3 of the SRH RFC (currently version 7)
  • 35. What we plan to implement • Update Source Route Header (SRH) dissecting capabilities • Ensure decoding works with IPv6-in-IPv6 encapsulated packets where SRH is in the outer IPv6 packet • Show errors visually o IPv6 addresses must not appear more than once in the SRH o IPv6 source and destination must not appear in the SRH o Multicast IPv6 addresses must not appear in the SRH or as the destination of an IPv6 packet with a SRH o If CmprI == 0 and CmprE == 0, Pad must == 0 • Highlight circumstances where messages must be dropped and ICMPv6 error messages should be generated o non-zero segments left value and destination not on link o SRH includes multiple addresses assigned to interfaces on a given router and messages are separated by at least one interface
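
The four "show errors visually" checks from slide 35, as an added example that is not part of the original deck or of Wireshark's dissector. It assumes the header layout published in RFC 6554 (the deck's format figure is not in the transcript), with elided prefix octets taken from the packet's destination address; `parse_srh`, `check_srh`, `build` and the sample headers are hypothetical names and constructed data.

```python
import ipaddress

def parse_srh(hdr: bytes, dst: str):
    """Parse a raw RPL SRH; return (segments_left, cmpr_i, cmpr_e, pad, addresses)."""
    if len(hdr) < 8 or len(hdr) != 8 + hdr[1] * 8:
        raise ValueError("length does not match Hdr Ext Len")
    cmpr_i, cmpr_e, pad = hdr[4] >> 4, hdr[4] & 0x0F, hdr[5] >> 4
    # Bytes used by Addresses[1..n-1]; the last entry is 16 - CmprE bytes long.
    body = len(hdr) - 8 - pad - (16 - cmpr_e)
    if body < 0 or body % (16 - cmpr_i):
        raise ValueError("address area inconsistent with CmprI/CmprE/Pad")
    n = body // (16 - cmpr_i) + 1
    prefix = ipaddress.IPv6Address(dst).packed  # elided octets come from dst
    addrs, off = [], 8
    for i in range(n):
        cmpr = cmpr_e if i == n - 1 else cmpr_i
        raw = prefix[:cmpr] + hdr[off:off + 16 - cmpr]
        addrs.append(ipaddress.IPv6Address(raw))
        off += 16 - cmpr
    return hdr[3], cmpr_i, cmpr_e, pad, addrs

def check_srh(hdr: bytes, src: str, dst: str):
    """Return the slide's rule violations found in this header (empty if clean)."""
    _, cmpr_i, cmpr_e, pad, addrs = parse_srh(hdr, dst)
    s, d = ipaddress.IPv6Address(src), ipaddress.IPv6Address(dst)
    findings = []
    if cmpr_i == 0 and cmpr_e == 0 and pad != 0:
        findings.append("pad-nonzero")
    if len(set(addrs)) != len(addrs):
        findings.append("duplicate-address")
    if s in addrs or d in addrs:
        findings.append("src-or-dst-in-srh")
    if d.is_multicast or any(a.is_multicast for a in addrs):
        findings.append("multicast")
    return findings

def build(cmpr, pad, entries):  # constructed sample input, not captured traffic
    # Next Header 58 (ICMPv6), Hdr Ext Len, Routing Type 3 (RFC 6554), Segments Left
    area = b"".join(entries) + bytes(pad)
    return bytes([58, len(area) // 8, 3, len(entries), cmpr, pad << 4, 0, 0]) + area

SRC, DST = "2001:db8::a", "2001:db8::1"
CLEAN = build(0xFF, 5, [b"\x02", b"\x03", b"\x04"])   # 15 octets elided per entry
LOOPED = build(0xFF, 5, [b"\x02", b"\x03", b"\x02"])  # same hop listed twice
MCAST = build(0x00, 0, [ipaddress.IPv6Address("ff02::1a").packed])

if __name__ == "__main__":
    for name, hdr in (("clean", CLEAN), ("looped", LOOPED), ("mcast", MCAST)):
        print(name, check_srh(hdr, SRC, DST))
```

Comparing addresses after decompression matters: two entries that differ as raw bytes only because of CmprI versus CmprE can still name the same hop.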
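
For the control messages on slides 10 to 15, an added example (not from the deck or from Wireshark) that decodes ICMPv6 type 155 messages and lists DAOs that set K but never receive a DAO-ACK with the matching DAOSequence. The code values and base-object layouts are taken from RFC 6550 as an assumption, since the deck's format figures are not in the transcript; `decode`, `unacked_daos`, `rpl` and the capture are hypothetical names and constructed data.

```python
RPL_ICMPV6_TYPE = 155  # from slide 10; the code values below are RFC 6550's
CODES = {0x00: "DIS", 0x01: "DIO", 0x02: "DAO", 0x03: "DAO-ACK",
         0x80: "Secure DIS", 0x81: "Secure DIO", 0x82: "Secure DAO",
         0x83: "Secure DAO-ACK", 0x8A: "CC"}

def decode(icmp: bytes):
    """Decode an ICMPv6 message; return None unless it is an RPL control message."""
    if len(icmp) < 4 or icmp[0] != RPL_ICMPV6_TYPE:
        return None
    out = {"name": CODES.get(icmp[1], "unknown")}
    base = icmp[4:]  # skip Type, Code, Checksum
    if out["name"] == "DAO" and len(base) >= 4:
        # RPLInstanceID | K D Flags | Reserved | DAOSequence
        out.update(instance=base[0], K=bool(base[1] & 0x80),
                   D=bool(base[1] & 0x40), seq=base[3])
    elif out["name"] == "DAO-ACK" and len(base) >= 4:
        # RPLInstanceID | D Reserved | DAOSequence | Status
        out.update(instance=base[0], D=bool(base[1] & 0x80),
                   seq=base[2], status=base[3])
    return out

def unacked_daos(packets):
    """packets: (src, dst, icmp_bytes) in capture order; return un-ACKed K=1 DAOs."""
    pending = []
    for src, dst, icmp in packets:
        m = decode(icmp)
        if not m or "seq" not in m:
            continue
        if m["name"] == "DAO" and m["K"]:
            pending.append((src, dst, m["instance"], m["seq"]))
        elif m["name"] == "DAO-ACK":
            key = (dst, src, m["instance"], m["seq"])  # ACK travels the other way
            if key in pending:
                pending.remove(key)
    return pending

def rpl(code, *base):  # constructed sample bytes; checksum left as zero
    return bytes([RPL_ICMPV6_TYPE, code, 0, 0, *base])

CHILD, PARENT = "fe80::2", "fe80::1"
CAPTURE = [
    (CHILD, PARENT, rpl(0x02, 30, 0x80, 0, 7)),  # DAO, K=1, seq 7
    (PARENT, CHILD, rpl(0x03, 30, 0x00, 7, 0)),  # DAO-ACK for seq 7
    (CHILD, PARENT, rpl(0x02, 30, 0x80, 0, 8)),  # DAO, K=1, seq 8: never ACKed
    (CHILD, PARENT, rpl(0x02, 30, 0x00, 0, 9)),  # DAO, K=0: no ACK expected
    (CHILD, PARENT, bytes([128, 0, 0, 0])),      # echo request, not RPL
]
if __name__ == "__main__":
    print(unacked_daos(CAPTURE))
```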