GPRS Interworking with IPv6
Preeti Vinayakray-Jani, NOKIA RESEARCH CENTER, HELSINKI, FINLAND
© NOKIA IPv6_forum.PPT / 04.12.2000 / Preeti Vinayakray, page 1

Outline
• GPRS Architecture - Basic Services
• IPv6 over GPRS - A Protocol Stack
• Interworking Mechanisms and their Examples
• GPRS Interworking with Internet
• Security Threats in GPRS systems with Examples
• Summary

GPRS Architecture
Diagram (labels only): Operator A - Cellular world, SGSN, VLR/HLR, GPRS core; inter-operator link over GTP' through a Border Gateway, BG (4&6); Operator B - SGSN, VLR/HLR, GPRS core, GGSN; Existing IPv4 Internet.

Basic Services
• Address acquisition
  • stateless
  • stateful
    • assign single address
    • assign subnet
  • GGSN intercepts and replies to neighbor discovery messages
  • possible design: GTP tunnel based on link-layer address only
    • MN address assignment as a result of 'GPRS Activate Context' request (which is triggered during PPP setup)
    • GGSN sends router advertisements once GTP tunnel is formed
• Name resolution
  • New DNS record types: AAAA and A6
  • AAAA support already exists
  • DNS server should be dual stack
• Data transfer

IPv6 Over GPRS: Protocol stack
(Diagram only; the protocol stack figure was not captured in the text.)

Visited Network Support
• Network with IPv6 support (v6)
  • In such a network there is an IPv6 router reachable by the mobile host - the router responds to IPv6 router solicitation requests sent by the mobile host. The IPv6 router has connectivity to the rest of the IPv6 world.
• Network with basic IPv4 support (v4)
  • no support for IPv6
  • no enforcing of the use of a Mobile IPv4 FA (may not support MIPv4 at all)
• Network with IPv4 support in which use of an external FA (Foreign Agent) is mandatory (v4 FA)
  • An IPv4 network not supporting IPv6 and requiring the visiting mobile host to use an external FA in the network.
In the first phase of evolution from IPv4 to IPv6, the v4 type of network will be the most common visited network type (v4 FA networks most probably are rare because of the low deployment of MIPv4).

Interworking Mechanisms
• Encapsulation
  • Supports end-to-end IPv6 connectivity over IPv4 networks
  • Configured tunnels (does not scale)
  • Automatic encapsulation (requires 1 public IPv4 address per recipient)
  • 6to4 encapsulation (requires 1 public IPv4 address per site)
• Protocol translation
  • Necessary for communication between IPv4 and IPv6 end points
  • Network layer translators SIIT, NAT-PT (require little or no host changes)
  • Upper layer translators SOCKS, ALGs
• Temporary address allocation
  • Supports end-to-end IPv4 connectivity between a dual stack mobile node and an IPv4-only correspondent
  • AIIH (assigning IPv4 addresses to IPv6 hosts)
  • RSIP (realm specific IP)
(continued on next slide)

Temporary Address Allocation (continued)
• AIIH may still be relevant
  • Implementations reportedly under way
  • Allows connections initiated from the outside
    - AIIH server is a combined DNS and DHCP server
    - Uses DHCPv6 extensions (Reconfigure)
• RSIP is promising but not a panacea
  • Requires host modifications
  • Intermediate node maintains state
  • Potential problems with TCP states: refused connections, security exposures
  • Some applications may assume all <IP-address, port> pairs with the same 'IP address' end in the same node

Encapsulation Example: 6to4
• Requires only 1 IPv4 address per site
• Implemented on various OS
• Appears to be popular and effective
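The two automatic encapsulation forms on the previous slides differ only in where the IPv4 tunnel endpoint is embedded: 6to4 puts the site's public IPv4 address into a 2002::/16 prefix (one address per site), while IPv4-compatible addresses (::/96) carry one public IPv4 address per host. The block below is an added example, not code from the presentation: it derives both address forms, recovers the tunnel endpoint from a destination address, and performs the check a 6to4 router or relay should make before decapsulating a packet, namely that the embedded endpoint is a public address and matches the outer IPv4 source. The reserved-range list and the sample address 1.2.3.4 are this example's own assumptions.

```python
import ipaddress

SIXTOFOUR = ipaddress.IPv6Network("2002::/16")   # 6to4 prefix: 2002:wwxx:yyzz::/48 per site
IPV4_COMPAT = ipaddress.IPv6Network("::/96")     # IPv4-compatible (automatic tunnel) addresses: ::w.x.y.z

# IPv4 ranges that must never be accepted as a tunnel endpoint. Assumption:
# a starting list of private/reserved ranges; extend it for your own site.
NEVER_ENDPOINT = [ipaddress.IPv4Network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]


def sixtofour_prefix(site_v4: str) -> ipaddress.IPv6Network:
    """The /48 a site gets from its single public IPv4 address w.x.y.z: 2002:wwxx:yyzz::/48."""
    v4 = ipaddress.IPv4Address(site_v4)
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(v4) << 80), 48))


def ipv4_compatible(host_v4: str) -> ipaddress.IPv6Address:
    """The automatic-tunnel address of a host with public IPv4 address w.x.y.z: ::w.x.y.z."""
    return ipaddress.IPv6Address(int(ipaddress.IPv4Address(host_v4)))


def tunnel_endpoint(addr6: str):
    """IPv4 address to encapsulate towards for a 6to4 or IPv4-compatible destination, else None."""
    a = ipaddress.IPv6Address(addr6)
    if a in SIXTOFOUR:
        return ipaddress.IPv4Address(a.packed[2:6])     # bytes 2..5 hold the site address
    if a in IPV4_COMPAT:
        return ipaddress.IPv4Address(a.packed[12:16])   # low 32 bits hold the host address
    return None


def is_reserved_endpoint(v4: ipaddress.IPv4Address) -> bool:
    return any(v4 in net for net in NEVER_ENDPOINT)


def validate_encapsulated(outer_src4: str, inner_src6: str) -> str:
    """Decide whether a decapsulator should accept an IPv6-in-IPv4 packet whose
    inner source is a 6to4/IPv4-compatible address. Returns "ok" or a drop reason."""
    outer = ipaddress.IPv4Address(outer_src4)
    if is_reserved_endpoint(outer):
        return "drop: outer IPv4 source is private/reserved"
    embedded = tunnel_endpoint(inner_src6)
    if embedded is None:
        return "drop: inner IPv6 source is not a 6to4 or IPv4-compatible address"
    if is_reserved_endpoint(embedded):
        return "drop: embedded IPv4 endpoint is private/reserved"
    if embedded != outer:
        return "drop: embedded IPv4 endpoint does not match outer IPv4 source"
    return "ok"


if __name__ == "__main__":
    print(sixtofour_prefix("1.2.3.4"), ipv4_compatible("1.2.3.4"))
    print(validate_encapsulated("1.2.3.4", "2002:102:304::1"))
    print(validate_encapsulated("1.2.3.4", "2002:a00:1::1"))
```

The mismatch and reserved-range checks matter because the decapsulator otherwise relays IPv6 traffic on behalf of whatever IPv4 source it is handed; together they are the minimum a relay needs before the "one public address per site" convenience is safe to offer.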

Protocol Translation Example: SIIT
• NAT-PT and BITS use translations specified by SIIT

Protocol Translation Example: SOCKS
• host change required, but no changes to DNS, routing etc.
• implementation is available
• public acceptance unclear; but appears to be quite useful

Temporary address allocation example: RSIP
Message sequence (RSIP client in address space A, RSIP server, correspondent in address space B):
  RSIP client -> RSIP server: REGISTER_REQUEST
  RSIP client -> RSIP server: ASSIGN_REQUEST (address in B, or address/port-range)
  data traffic via tunnel (client to server); data traffic (server to correspondent)
  RSIP client -> RSIP server: ASSIGN_REQUEST_EXT (address in B, or address/port-range)
  data traffic via tunnel; data traffic
  RSIP client -> RSIP server: DEALLOCATE
  RSIP client -> RSIP server: DE-REGISTER REQUEST
Note: Responses from RSIP server are not shown
• preserves end-to-end functionality
• seen as 'next best thing' to IPv6
• no practical experience yet
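The previous slide's caveats ("intermediate node maintains state", refused connections, and applications assuming that all <IP-address, port> pairs with the same address end in the same node) all follow from what the RSIP server has to remember across the exchange drawn above. The block below is an added example, not code from the presentation: a toy server that keeps that state for the slide's message sequence and shows where a reply from space B is either routed down a client's tunnel or refused. The message names follow the slide; the response names, field layout, shared public address and port-range pool are this example's assumptions and not the RSIP wire format.

```python
import itertools

PUBLIC_ADDRESS = "198.51.100.7"   # constructed: the one address in space B the server shares out
PORT_BLOCK = 1000                 # constructed: ports are handed out in blocks of this size
# Four (address, port_lo, port_hi) blocks: 40000-40999 ... 43000-43999
POOL = [(PUBLIC_ADDRESS, lo, lo + PORT_BLOCK - 1) for lo in range(40000, 44000, PORT_BLOCK)]


class RsipServer:
    def __init__(self, pool=POOL):
        self.free = list(pool)          # unallocated blocks
        self.clients = {}               # client_id -> private address in space A
        self.bindings = {}              # (address, port_lo, port_hi) -> client_id (the state RSIP needs)
        self.next_id = itertools.count(1)

    def handle(self, msg: dict) -> dict:
        kind = msg["type"]
        if kind == "REGISTER_REQUEST":
            cid = next(self.next_id)
            self.clients[cid] = msg["private_addr"]
            return {"type": "REGISTER_RESPONSE", "client_id": cid}
        cid = msg.get("client_id")
        if cid not in self.clients:
            return {"type": "ERROR_RESPONSE", "error": "unknown client"}
        if kind == "ASSIGN_REQUEST":                       # also used for the slide's ASSIGN_REQUEST_EXT
            if not self.free:
                return {"type": "ERROR_RESPONSE", "error": "no address/port-range available"}
            block = self.free.pop(0)
            self.bindings[block] = cid
            addr, lo, hi = block
            return {"type": "ASSIGN_RESPONSE", "address": addr, "port_lo": lo, "port_hi": hi}
        if kind == "DEALLOCATE":
            block = (msg["address"], msg["port_lo"], msg["port_hi"])
            if self.bindings.get(block) != cid:
                return {"type": "ERROR_RESPONSE", "error": "binding not owned by this client"}
            self._release(block)
            return {"type": "DEALLOCATE_RESPONSE"}
        if kind == "DE-REGISTER_REQUEST":
            for block in [b for b, owner in self.bindings.items() if owner == cid]:
                self._release(block)
            del self.clients[cid]
            return {"type": "DE-REGISTER_RESPONSE"}
        return {"type": "ERROR_RESPONSE", "error": "unknown message type"}

    def _release(self, block):
        del self.bindings[block]
        self.free.append(block)

    def route_inbound(self, dst_addr: str, dst_port: int):
        """Private address whose tunnel receives a packet from B to (dst_addr, dst_port);
        None means no binding exists and the server refuses the packet."""
        for (addr, lo, hi), cid in self.bindings.items():
            if addr == dst_addr and lo <= dst_port <= hi:
                return self.clients[cid]
        return None


def run_slide_sequence() -> list:
    """Replay the exchange on the slide and return (step, outcome) pairs."""
    server, log = RsipServer(), []
    reg = server.handle({"type": "REGISTER_REQUEST", "private_addr": "10.0.0.5"})  # constructed client
    log.append(("REGISTER_REQUEST", reg["type"]))
    cid = reg["client_id"]
    first = server.handle({"type": "ASSIGN_REQUEST", "client_id": cid})
    log.append(("ASSIGN_REQUEST", first["type"]))
    # data traffic: a reply from B to the assigned (address, port) goes down this client's tunnel
    log.append(("data traffic", server.route_inbound(first["address"], first["port_lo"])))
    ext = server.handle({"type": "ASSIGN_REQUEST", "client_id": cid})
    log.append(("ASSIGN_REQUEST_EXT", ext["type"]))
    dealloc = server.handle({"type": "DEALLOCATE", "client_id": cid, "address": first["address"],
                             "port_lo": first["port_lo"], "port_hi": first["port_hi"]})
    log.append(("DEALLOCATE", dealloc["type"]))
    log.append(("data traffic after DEALLOCATE", server.route_inbound(first["address"], first["port_lo"])))
    dereg = server.handle({"type": "DE-REGISTER_REQUEST", "client_id": cid})
    log.append(("DE-REGISTER_REQUEST", dereg["type"]))
    log.append(("free blocks", len(server.free)))
    return log


if __name__ == "__main__":
    for step in run_slide_sequence():
        print(step)
```

Two clients served from the same public address receive disjoint port ranges, which is precisely the situation in which a correspondent that assumes "same IP address, same node" goes wrong; and once the pool is exhausted the server can only answer ASSIGN_REQUEST with an error, so the state table is also what an attacker would try to fill.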

Security Threats in GPRS systems
• Denial of Service (DoS)
  • A particular victim Mobile host gets terminated
  • Attacker floods the Mobile host with bogus traffic
• Session Stealing/Spoofing
  • Malicious party gets to see all traffic directed to a particular Mobile host
• Eavesdropping
  • Intercepting packets destined to the Mobile host
• Incompetent Translator
• Simple attack through Intranet to GGSN's Gi interface
  • Attacker gains physical access via an unattended network socket, exercises some ARP requests to DHCP, gets access to an IP host and floods the network
• Attack through GPRS Tunneling Protocol (GTP)
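The last two items, the Gi-side intranet attack and the attack through GTP, share a property that makes them detectable: GTP belongs on the Gn/Gp side of the GGSN and should only ever arrive from the operator's own SGSNs or the Border Gateway. The block below is an added example, not from the presentation, that scans constructed flow records for GTP addressed to the GGSN from any other source. The GGSN address, the trusted-peer ranges, the record format and the sample records are assumptions; the ports are the well-known GTP ports (3386 for GTPv0, 2123 and 2152 for GTPv1 control and user plane).

```python
import ipaddress

GTP_PORTS = {3386, 2123, 2152}                      # GTPv0, GTPv1-C, GTPv1-U
GGSN = ipaddress.IPv4Address("10.10.0.1")           # constructed: the GGSN's Gn-side address
TRUSTED_GTP_PEERS = [ipaddress.IPv4Network(n) for n in ("10.10.0.0/16", "10.20.0.0/16")]  # constructed: own SGSNs and BG

# Constructed flow records: timestamp, source, destination, protocol, destination port, firewall action.
FLOWS = """\
2000-12-04T10:00:01 10.10.5.3 10.10.0.1 udp 3386 accept
2000-12-04T10:00:02 10.20.1.9 10.10.0.1 udp 3386 accept
2000-12-04T10:00:03 192.0.2.77 10.10.0.1 udp 3386 accept
2000-12-04T10:00:04 192.0.2.77 10.10.0.1 udp 2123 accept
2000-12-04T10:00:05 10.10.5.3 10.10.0.1 udp 53 accept
"""


def parse_flow(line: str) -> dict:
    ts, src, dst, proto, dport, action = line.split()
    return {"ts": ts, "src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst),
            "proto": proto, "dport": int(dport), "action": action}


def is_untrusted_gtp(flow: dict) -> bool:
    """GTP towards the GGSN whose source is outside the known SGSN/BG ranges."""
    return (flow["dst"] == GGSN and flow["proto"] == "udp" and flow["dport"] in GTP_PORTS
            and not any(flow["src"] in net for net in TRUSTED_GTP_PEERS))


def find_untrusted_gtp(text: str) -> list:
    return [f for f in map(parse_flow, text.splitlines()) if is_untrusted_gtp(f)]


if __name__ == "__main__":
    for hit in find_untrusted_gtp(FLOWS):
        print(f'{hit["ts"]} GTP from untrusted source {hit["src"]} to port {hit["dport"]}')
```

The same allowlist, applied as a drop rule rather than a detection rule at the Border Gateway and on the Gi firewall, is the mitigation: a GTP message that has no trusted peer behind it has no business creating or tearing down a tunnel context.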

Security Threats: IP Attacks (1/3)
(Diagram only; not captured in the text.)

Security Threat: Attacks through GTP (2/3)
(Diagram only; not captured in the text.)

Security Threat: Through Translator (3/3)
(Diagram only; not captured in the text.)

GPRS Interworking with Internet
• (1) Mobile node type and address
• (2) GGSN AP type (IPv4, IPv6, 6to4, ...) and address
• (3) Possibly needed Tr. GW - needed functionality and address type
• (4) Edge router (assumption: dual stack); functionality and address type
• (5) Router 1 between IPv4 Internet and IPv6 network
• (6) The host that the MN is connected to
Diagram (labels only): MN "ADDR" (1) - SGSN - GPRS core - GGSN "ADDR" (2) - Operator own network: Tr. GW (3) with NAT-PT, RSIP, encapsulation/decapsulation, ALGs, etc.; Operator NW IPv4 intranet with Operator IPv4 services; IPv6 intranet with Operator IPv6 services; FW - Edge Router (4) - IPv4 Internet - Router 1 (5) - IPv6 Internet - Host (6) in an IPv6 stub NW.
Points to think about:
• Is a translator such as NAT-PT needed in the case?
• Is there a sufficient number of public IPv4 addresses (most probably not)?
• If tunneling is needed, what tunneling mechanism is used and what are the endpoints of the tunnel?
• ...

Summary
• Suitable transition techniques for IPv4 interoperability exist
  • use dual stack nodes, encapsulation, and temporary IPv4 address allocation as primary interoperability mechanisms
  • if protocol translation is necessary, use upper layer translators where possible
  • use IP-layer protocol translators only when there is no other option
• Applicability of Transition Mechanisms
  • 6to4 encapsulating mechanism is more competitive than others
  • In case of limited public IPv4 addresses, the use of RSIP is currently the preferred choice
  • To preserve end-to-end integrity of data when protocol translation is necessary, one should use SOCKS or ALGs rather than SIIT and NAT-PT
• Security Consideration
  - Upgrade the existing IPv4 servers with dual stack support
  - Trust Management with other operators is an important issue