A New IPv6 Tunneling Protocol: Escort

Author

An, Hailin ; Luo, Wanming ; Li, Xingfeng ; Zhang, Xinchang ; Yan, Baoping

Author_Institution

Comput. Network Inf. Center, Chinese Acad. of Sci., Beijing, China

fYear

2009

fDate

18-20 Jan. 2009

Firstpage

1

Lastpage

6

Abstract

Teredo is a service that enables nodes located behind one or more IPv4 Network Address Translations (NATs) to obtain IPv6 connectivity by tunneling packets over IPv4 UDP. Although Teredo is a useful protocol, it also has some weaknesses. It can not work with symmetric NAT, and it raises some security concerns, such as bypassing security controls, reducing defense in depth, and allowing unsolicited traffic. In this paper, we propose a new IPv6-in-IPv4-UDP tunneling protocol-Escort, which adopts ID/Locator split thought, and we explain how an Escort client configures its Escort host identity address, learns its global Escort IPv6 address and obtains IPv6 connectivity with the help of Escort servers and Escort relays. We also describe in details our strategies for implementing Escort server and Escort relay under linux, and make a performance measurement of our Escort relay implementation and compare the packet processing latency of the Escort relay with that of Miredo-relay.

Keywords

IP networks; telecommunication security; transport protocols; Escort relays; ID-locator; IPv6 tunneling protocol; Linux; Miredo-relay; NAT; Teredo; UDP; identity address; network address translations; Computer networks; IP networks; Linux; Network address translation; Network servers; Protocols; Quality of service; Relays; Security; Tunneling;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Network and Multimedia Technology, 2009. CNMT 2009. International Symposium on

Conference_Location

Wuhan

Print_ISBN

978-1-4244-5272-9

Type

conf

DOI

10.1109/CNMT.2009.5374781

Filename

5374781