A proposal for unifying mobility with multi-homing, NAT, & security

Internet users seek solutions for mobility, multi-homing, support for localised address management (i.e. via NATs), and end-to-end security. Existing mobility approaches are not well integrated into the rest of the Internet architecture; they are primarily separate extensions that at present are not widely deployed. Because the current approaches to these issues were developed separately, they are often not harmonious when used together. Meanwhile, the Internet has a number of namespaces, for example the IP address or the Domain Name. In recent years, some have postulated that the Internet's namespaces are not sufficiently rich and that the current concept of an address is too limiting. One proposal, the concept of separating an address into an Identifier and a separate Locator, has been controversial in the Internet community for years. It has been considered within the IETF and IRTF several times, but was always rejected as unworkable. This paper takes the position that evolving the naming in the Internet by splitting the address into separate Identifier and Locator names can provide an elegant integrated solution to the key issues listed above, without changing the core routing architecture, while offering incremental deployability through backwards compatibility with IPv6.
