[++doc] background and co.

This commit is contained in:
Nico Schottelius 2019-08-14 16:18:27 +02:00
parent ec1ee619db
commit ce02b44164
9 changed files with 113 additions and 14 deletions

View File

@ -103,22 +103,70 @@ the two protocols for this thesis are:
\label{fig:ipv4header} \label{fig:ipv4header}
\end{figure} \end{figure}
% ---------------------------------------------------------------------- % ----------------------------------------------------------------------
\section{\label{background:arpndp}ARP and NDP, ICMP ICMP6- FIXME} \section{\label{background:arpndp}ARP and NDP, ICMP and ICMP6}
Required for finding host. While IPv6 and IPv4 are primarily used as a ``shell'' to support
ARP \cite{rfc826} who has addressing for protocols that have no or limited addressing support
NDP similar -- add traces here (like TCP or UDP), protocols like ARP \cite{rfc826} and NDP
\cite{rfc4861} provide support for resolving IPv6 and IPv4
addresses to hardware (MAC) addresses. While both ARP and NDP are only
used prior to establishing a connection on and their results are
cached, their availability is crucial for operating a switch.
Figure \ref{fig:arpndp} illustrates a typical address resolution process.
\begin{figure}[h]
\includegraphics[scale=0.3]{arp-ndp}
\centering
\caption{ARP and NDP}
\label{fig:arpndp}
\end{figure}
The major difference between ARP and NDP in relation to P4 are
\begin{itemize}
\item ARP is a separate protocol on the same layer as IPv6 and IPv4,
\item NDP operates below ICMP6 which operates below IPv6,
\item NDP contains checksums over payload,
\item and NDP in ICMP6 contains optional, non referenced option fields
(specifically: ICMP6 link layer address option).
\end{itemize}
ARP is required to be a separate protocol, because IPv4 hosts don't
know how to communicate with each other yet, because they don't have a
way to communicate to the target IPv4 address (``The chicken and the
egg problem'').
NDP on the other hand already works within IPv6, as every IPv6 host is
required to have a self-assigned link local IPv6 address from the
range \texttt{fe80::/10} (compare RFC4291\cite{rfc4291}). NDP also
does not require broadcast communication, because hosts automatically
join multicast groups that embed parts of their
IPv6 addresses (\cite{rfc2710}, \cite{wikipedia:_solic}). This way the
collision domain is significantly reduced in IPv6, compared to IPv4.
being able to answer to error messages As seen later in this document (compare
MTU / pmtu \ref{results:netpfga:checksum}), the requirement to generate checksums
over payload poses difficult problems for some hardware targets. Even
more difficult is the use of options within ICMP6. Figure shows a
typical layout of a neighbor advertisement messages.
\begin{figure}[h]
\includegraphics[scale=0.3]{icmp6ndp}
\centering
\caption{ICMP6 option fields}
\label{fig:icmp6ndp}
\end{figure}
The problem arises from the layout of the options, as seen in the
following quote:
\begin{quote}
Neighbor Discovery messages include zero or more options, some of
which may appear multiple times in the same message. Options should
be padded when necessary to ensure that they end on their natural
64-bit boundaries.\footnote{From RFC4861.}
\end{quote}
Also add: IPv6 is closed / no arp ICMP6 and ICMP are primarily used to signal errors in
ICMP6 \cite{rfc4443} communication. Specifically signalling that a packet is too big to
%\LaTeX{} pass a certain link and needs fragmentation is a common functionality
of both protocols. For a host (or switch) to be able to emit ICMP6 and
DNS64 \cite{rfc6174} ICMP messages, the host requires a valid IPv6 / IPv4 address.
Without ICMP6 / ICMP support path mtu discovery (\cite{rfc1191},
IPv6 only network experiences \cite{rfc6586} \cite{rfc8201}) does not work and the sender needs to determine
Solicited-node multicast address\cite{wikipedia:_solic}. different ways of finding out the maximum MTU on the path.
% ok -- need to separate backgroun and results
% ---------------------------------------------------------------------- % ----------------------------------------------------------------------
\section{\label{background:transition}IPv6 Translation Mechanisms} \section{\label{background:transition}IPv6 Translation Mechanisms}
While in this thesis the focus was in NAT64 as a translation mechanism, While in this thesis the focus was in NAT64 as a translation mechanism,
@ -185,6 +233,10 @@ information to choose from for translation, complex parsers or even
cryptographic methods are required for it. That reduces the cryptographic methods are required for it. That reduces the
opportunities of protocol dependent translation opportunities of protocol dependent translation
% ---------------------------------------------------------------------- % ----------------------------------------------------------------------
\subsection{\label{background:transition:dns64}DNS64 - FIXME}
DNS64 \cite{rfc6174}
% ----------------------------------------------------------------------
\subsection{\label{background:transition:prefixnat}Prefix based NAT - \subsection{\label{background:transition:prefixnat}Prefix based NAT -
FIXME} FIXME}
Explain how it works in general Explain how it works in general

View File

@ -18,6 +18,8 @@ Many misleading
\section{\label{conclusion:P4}P4} \section{\label{conclusion:P4}P4}
NDP parsing problem
checksumming a frequent problem and helper checksumming a frequent problem and helper
Many possibilities Many possibilities

View File

@ -36,7 +36,11 @@ Stateful : no automatic removal
\section{\label{results:jool}Jool} \section{\label{results:jool}Jool}
% ----------------------------------------------------------------------
\section{\label{Results:NetPFGA}NetFPGA} \section{\label{Results:NetPFGA}NetFPGA}
\subsection{\label{results:netpfga:checksum}Checksum computation}
\subsection{\label{results:netpfga:general}to be named}
Trace files Trace files
\begin{verbatim} \begin{verbatim}

Binary file not shown.

View File

@ -2370,9 +2370,12 @@ Describe your task.
%--------------------------------------------------------------------------------------------------------- %---------------------------------------------------------------------------------------------------------
\printnomenclature \printnomenclature
\abbrev{ARP}{Address resolution protocol}
\abbrev{ASIC}{Application-specific integrated circuit} \abbrev{ASIC}{Application-specific integrated circuit}
\abbrev{FGPA}{Field-programmable gate array} \abbrev{FGPA}{Field-programmable gate array}
\abbrev{LPM}{Longes prefix matching} \abbrev{LPM}{Longes prefix matching}
\abbrev{MTU}{Maximum transfer unit}
\abbrev{NDP}{Neighbor Discovery Protocol}
\abbrev{NAT}{Network Address Translation} \abbrev{NAT}{Network Address Translation}
\abbrev{NAT64}{Network Address Translation from / to IPv6 to / from IPv4} \abbrev{NAT64}{Network Address Translation from / to IPv6 to / from IPv4}
\abbrev{RIR}{Regional Internet Registry} \abbrev{RIR}{Regional Internet Registry}

25
doc/graphviz/arp-ndp.dot Normal file
View File

@ -0,0 +1,25 @@
digraph G {
node [ shape="box"];
rankdir="LR";
v6host1 [ label="IPv6 only host (fe80::1 and 2001:db8::1)"];
v6host2 [ label="IPv6 only host (fe80::2 and 2001:db8::2)"];
v4host1 [ label="IPv4 only host (192.0.2.1)"];
v4host2 [ label="IPv4 only host (192.0.2.2)"];
subgraph cluster_v6 {
v6host1->v6host2 [ label="ICMP6 neighbor solicitation, who has 2001:db8::2? [Multicast]" ];
v6host2->v6host1 [ label="ICMP6 Neighbor Advertisement: 2001:db8::2 has 00:00:0a:00:00:42' [Unicast]" ];
}
subgraph cluster_v4 {
v4host1->v4host2 [ label="ARP who has 192.0.2.2? [Broadcast]" ];
v4host2->v4host1 [ label="ARP 192.0.2.2 is at 00:00:0a:00:00:22' [Unicast]" ];
}
}

BIN
doc/graphviz/arp-ndp.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 37 KiB

13
doc/graphviz/icmp6ndp.dot Normal file
View File

@ -0,0 +1,13 @@
digraph G {
node [ shape="box"];
ipv6 [ label="IPv6" ]
icmp6 [ label="ICMP6" ]
icmp6ns [ label="ICMP6 Neigbor Advertisement" ]
icmp6nsll [ label="ICMP6 Neigbor Solicitation Link layer option" ]
icmp6other [ label="More option fields" ]
ipv6->icmp6->icmp6ns->icmp6nsll->icmp6other;
}

BIN
doc/graphviz/icmp6ndp.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 17 KiB