1 TRIAD and Internet Addressing at the Edge Prof. David Cheriton Computer Science Department...
1
TRIAD and Internet Addressing at the Edge
Prof. David Cheriton
Computer Science Department
Stanford University
2
What is TRIAD?
NAT-based Internet Architecture
» end-to-end semantics
» highly scalable
» compatible with IPv4
» extended directory services
DARPA-sponsored project, Aug. 1999
http://www-dsg.stanford.edu/triad.html
3
TRIAD vs current NAT
Name-based E2E identification
» DNS names, not end-to-end addresses
» Reliable, secure router-integrated directories
End-to-end semantics
» name-based pseudo-header for checksum
WRAP shim protocol for extended address
» Intra-realm: normal IPv4 forwarding
» Inter-realm: Translation and relaying
Fixes problems with NAT, fixes the Internet
4
TRIAD at the Edge: Similar to Current NAT
Realms
Intra-realm: IPv4 operation
Relay Agent (RA) - extended NAT device
» local name service, private addrs alloc.
Addressing at the edge: private addrs and locally-managed global names
[Figure: diagram labelled src, dst1, dst2, RA1, RA2, Internet, Realm 1, Realm 2]
5
Relay Agent Functionality
NAT between local private addresses and global Internet addresses
Local addr. alloc. and auto-config, DHCP
Split DNS:
» internal access to global names
» external access to local names
Firewall protection from Internet
Monitoring and shaping for ISP SLA
Multi-home the edge net for availability
6
Benefits
Edge: Autonomy, convenience, protection, control, low-cost IPv4 devices
ISP: charge per “global” address and per-user specified name suffix
» customer takes responsibility for protection
Apps: app.-independent and soft-state
Internet: No need to make the transition to IPv6 routers, protocols, net. man. etc.
7
Concluding Remarks
http://www-dsg.stanford.edu/triad.html
Having a “border” to the edge is established
» NAT, firewall, edge router
» the flat and open Internet is long gone
Leverage the border device to:
» insulate the core from edge naming and addressing requirements
» support edge autonomy and configuration
TRIAD to regain transparency and application-independence thru the border.