Middleboxes no longer considered harmful
- In OSDI, 2004
Cited by 60 (12 self)
Intermediate network elements, such as network address translators (NATs), firewalls, and transparent caches are now commonplace. The usual reaction in the network architecture community to these so-called middleboxes is a combination of scorn (because they violate important architectural principles) and dismay (because these violations make the Internet less flexible). While we acknowledge these concerns, we also recognize that middleboxes have become an Internet fact of life for important reasons. To retain their functions while eliminating their dangerous side-effects, we propose an extension to the Internet architecture, called the Delegation-Oriented Architecture (DOA), that not only allows, but also facilitates, the deployment of middleboxes. DOA involves two relatively modest changes to the current architecture: (a) a set of references that are carried in packets and serve as persistent host identifiers and (b) a way to resolve these references to delegates chosen by the referenced host.
Teredo: Tunneling IPv6 over UDP through NATs
- 2003
Cited by 50 (2 self)
By submitting this Internet-Draft, I certify that any applicable patent or other IPR claims of which I am aware have been disclosed, and any of which I become aware will be disclosed, in accordance with RFC 3668. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at
An IPv6-to-IPv4 Transport Relay Translator
- 2001
Cited by 13 (0 self)
The document describes an IPv6-to-IPv4 transport relay translator (TRT). It enables IPv6-only hosts to exchange {TCP,UDP} traffic with IPv4-only hosts. A TRT system, which locates in the middle, translates {TCP,UDP}/IPv6 to {TCP,UDP}/IPv4, or vice versa.
Inferring the extent of network address port translation at public/private internet boundaries
- 2002
Cited by 4 (0 self)
method for inferring the percentage of public/private internet boundaries that utilize network address port translation (NAPT, often colloquially referred to as NAT). Estimates were obtained from the IP address/port pairs seen in the server logs of three well-used, online game servers between May 2001 and June 2002. The report concludes that NAPT may be in use at approximately 17 to 25 % of public/private internet access boundaries in the online gaming community. Estimates of NAT deployment can help provide context for discussions about the need for IPv6 and other techniques for scaling the Internet.
Guidelines for Using IPv6 Transition Mechanisms during IPv6 Deployment, RFC 6180
- 2011
Cited by 3 (0 self)
The Internet continues to grow beyond the capabilities of IPv4. An expansion in the address space is clearly required. With its increase in the number of available prefixes and addresses in a subnet, and improvements in address management, IPv6 is the only real option on the table. Yet, IPv6 deployment requires some effort, resources, and expertise. The availability of many different deployment models is one reason why expertise is required. This document discusses the IPv6 deployment models and migration tools, and it recommends ones that have been found to work well in operational networks in many common situations.

Status of This Memo: This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at
Datagram Congestion Control Protocol (DCCP) Simultaneous-Open Technique to Facilitate NAT/Middlebox Traversal, RFC 5596, September 2009
- RFC 5595, DCCP Service Codes, September 2009. Author's address: Godred Fairhurst, School of Engineering, University of Aberdeen, Kings College, Aberdeen, AB24 3UE, UK
The InterNAT: Policy Implications of the Internet Architecture Debate
- Proceedings of the 28th Research Conference on Communication, Information and Internet Policy, at http://www.csm.ohiou.edu/kruse/publications/InterNAT_v4.pdf (last visited
, 2000
Cited by 1 (0 self)
In 1981, Saltzer, Reed, and Clark identified "end-to-end" principles related to the design of modern layered protocols. The Internet started out as a network in which all "intelligence" was placed in the end-nodes (hosts), while the network is strictly concerned with the best-effort delivery of individual packets. To an application residing on several hosts the network is therefore "transparent" in that it has no effect on the application other than facilitating the delivery of information between the applications. The Internet today is not as transparent as Saltzer et al. had envisioned. While most of the intelligence remains concentrated in end systems, users and network operators are now deploying more sophisticated processing within the network for a variety of reasons including security, network management, E-commerce, and survivability. For example end-users are deploying Network Address Translators (NATs) to circumvent problems related to IP address allocation, and firewalls and proxy servers for security at the interface between the user's network and the Internet. Network operators use packet filters and application level gateways to deal with security issues ranging from "spam" to denial of service attacks. In addition, network operators are deploying router software to enable differentiated levels of servi...
A Novel System for Remote Control of Household Devices Using Digital IP Phones
Cited by 1 (1 self)
The idea of using a phone as a remote control for household devices is not new. However, new digital technologies such as Voice-over-IP and signaling protocols such as SIP enable new methods of integrating the user interface of a phone with the digital IP infrastructure being deployed in the home. We developed and deployed the Key Press Markup Language and SIP Event Package (KPML) to address the need for a signaling-layer protocol for transmitting user stimulus from low-power, consumer devices such as IP phones to control household consumer devices.
Index Terms — Home automation, remote control, telecontrol, telephony.
A Robust Classifier for Passive TCP/IP Fingerprinting
- In PAM, 2004
Cited by 1 (0 self)
Using probabilistic learning, we develop a naive Bayesian classifier to passively infer a host’s operating system from packet headers. We analyze traffic captured from an Internet exchange point and compare our classifier to rule-based inference tools. While the host operating system distribution is heavily skewed, we find operating systems that constitute a small fraction of the host count contribute a majority of total traffic. Finally as an application of our classifier, we count the number of hosts masquerading behind NAT devices and evaluate our results against prior techniques. We find a host count inflation factor due to NAT of approximately 9 % in our traces.
System Architectures Based on Functionality Offloading
- 2008
Offloading to hardware components that support the primary task of a system enables separation of concerns and allows both the primary and offloaded components of a system to be easy to understand, manage, and evolve independent of other components. In this dissertation, we explore the software mechanisms required to effectively offload functionality to idle processing elements. We present the design, implementation, and evaluation of three system architectures – TCPServers, Orion, and FileWall, which offload functionality for improving performance (TCPServers), improving availability (Orion), and for extending functionality (FileWall). We explore software mechanisms to offload functionality to a subset of processors in a Symmetric Multiprocessor (SMP) system, a programmable network interface, and an interposing network middlebox to realize the three system architectures. TCPServers is a system architecture that offloads network processing to a subset of processors in an SMP system. Network processing imposes direct and indirect overheads on server systems. It directly affects system performance since it executes at a higher priority than application tasks and prevents other components of the system from executing simultaneously on the processors. It indirectly affects performance by causing cache pollution and Trans-

