Advertisement

Shim6: Reference Implementation and Optimization

  • Jun Bi
  • Ping Hu
  • Lizhong Xie
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4982)

Abstract

Shim6 is an important multihoming solution. This paper studies shim6 from several perspectives, including shim6 protocol implementation, shim6 mechanism optimization and security enhancement. In order to provide a shim6 research platform, we implement shim6 protocol on the Linux 2.6 platform as one of the first reference implementations. Based on this research platform, we refine the shim6 address switching mechanism, which reduces shim6 address switching time greatly. In addition, we propose an enhanced shim6 security mechanism to defeat reflection-type DoS/DDoS attacks launched from the multihomed site, by preventing source address spoofing in the multihomed site.

Keywords

Multihoming Shim6 IPv6 

References

  1. 1.
    Nordmark, E.: Level 3 multihoming shim protocol, draft-ietf-shim6-proto-08.txt (2007)Google Scholar
  2. 2.
  3. 3.
    Salim, J., Khosravi, H., Kleen, A., Kuznetsov, A.: Linux Netlink as an IP Services Protocol. RFC 3549 (July 2003)Google Scholar
  4. 4.
    Arkko, J., Beijnum, I.: Failure Detection and Locator Pair Exploration Protocol for IPv6 Multihoming. draft-ietf-shim6-failure-detection-07.txt (2006)Google Scholar
  5. 5.
    Stewart, R., et al.: Stream Control Transmission Protocol. IETF RFC 2960 (2000)Google Scholar
  6. 6.
    Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC2827 (2000)Google Scholar
  7. 7.
    Baker, F. and Savola, P.: Ingress Filtering for Multihomed Networks. RFC3704 (2004)Google Scholar
  8. 8.
    American National Standards Institute: IEEE-SA Standards Board: IEEE Standard for Local and metropolitan area networks - Port-Based Network Access Control (2001)Google Scholar
  9. 9.
    Cisco Systems: Network Admission ControlGoogle Scholar
  10. 10.
    Microsoft: Network Access ProtectionGoogle Scholar
  11. 11.
    TNC: TCG Trusted Network Connect TNC Architecture for Interoperability (2005)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Jun Bi
    • 1
  • Ping Hu
    • 1
  • Lizhong Xie
    • 1
  1. 1.Network Research CenterTsinghua UniversityBeijingChina

Personalised recommendations