Network Address Translation (NAT) causes well-known difficulties for peer-to-peer (P2P) communication, since the peers involved may not be reachable at any globally valid IP address. Several NAT traversal techniques are known, but their documentation is slim, and data about their robustness or relative merits is slimmer. This paper documents and analyzes one of the simplest but most robust and practical NAT traversal techniques, commonly known as "hole punching." Hole punching is moderately well-understood for UDP communication, but we show how it can be reliably used to set up peer-to-peer TCP streams as well. After gathering data on the reliability of this technique on a wide variety of deployed NATs, we find that about 82% of the NATs tested support hole punching for UDP, and about 64% support hole punching for TCP streams. As NAT vendors become increasingly conscious of the needs of important P2P applications such as Voice over IP and online gaming protocols, support for hole punching is likely to increase in the future.

This paper describes the Saami Network Connectivity (SNC) project that seeks to establish Internet communication for the Saami population of Reindeer Herders, who live in remote areas in Swedish Lapland, and relocate their base in accordance with a yearly cycle dictated by the natural behavior of reindeer. This population currently does not have reliable wired, wireless or satellite communication capabilities in major areas within which they work and stay (or would prefer to stay if possible). A radical solution is therefore required, which is compatible with the Saami population's goal to uphold their land by being able to live there and care for the environment. An approach based on the concept of Delay Tolerant Networks is discussed here.

P6P is a new, incrementally deployable networking infrastructure that resolves the growing tensions between the Internet routing infrastructure and the end sites of the Internet. P6P decouples the two through a P2P overlay network formed by the edge routers. P6P brings the benefits of IPv6 directly to end hosts, solving the major headache of IPv6 deployment as well as those of ISP switching, multihoming, and dynamic addressing. P6P is a potential killer-app for P2P protocols and could have profound implication for the future Internet; various existing P2P protocols can be retrofitted into P6P to provide features such as routing robustness and multicast. The paper describes the P6P design and architecture, addresses the security and performance concerns, and shows simulation results that support its feasibility.

Abstract not found

FUNET has been operating a public, globally-used 6to4 (RFC 3056) relay router since November 2001. The traffic has been logged and is now analyzed to gather information of 6to4 and IPv6 deployment. Among other figures, we note that the number of 6to4 capable nodes has increased by an order of magnitude in half a year: in April 2004, there are records of about 2 million different 6to4 nodes using this particular relay. Vast majority of this is just testing the availability of the relay, done by the Microsoft Windows systems, but the real traffic has also increased over time.

Reducing the energy consumption of computers is becoming increasingly important with rising energy costs and environmental concerns. It is especially important for mobile devices such as laptops where battery lifetime is always an issue. Sleep states such as S3 (suspend to RAM) save energy but prevent the device from responding to incoming network events, for example remote desktop logins and file transfer requests. Thus many people do not use S3 and instead leave their computers plugged in and active. Mobile users do not have this flexibility, and as a result their machines are unreachable during the periods when they are in S3. Somniloquy allows computers in S3 to be woken based on incoming network traffic such as incoming VoIP calls or remote file access requests, or other events such as the presence of particular access points. This is done by adding a secondary embedded processor attached to a network interface, forming a low-power domain that remains active even when the rest of the computer is in S3. This secondary processor acts transparently on behalf of the computer, sharing the same MAC address, IP address, host name, etc. Remote servers and network hardware remain completely unaware of the low-power state. We present a prototype implementation of Somniloquy using a USB peripheral, which is therefore easily retrofitted to existing computers. Our prototype achieves a ten-fold increase in battery lifetime compared to an idle computer not in S3, while only adding 4-7s of latency to respond to applicationlayer events. Our system allows computers to appear alwayson when they are in fact talking in their sleep.

The Internet’s architecture, designed in the days of large, stationary computers tended by technically savvy and accountable administrators, fails to meet the demands of the emerging ubiquitous computing era. Nontechnical users now routinely own multiple personal devices, many of them mobile, and need to share information securely among them using interactive, delay-sensitive applications. Unmanaged Internet Architecture (UIA) is a novel, incrementally deployable network architecture for modern personal devices, which reconsiders three architectural cornerstones: naming, routing, and transport. UIA augments the Internet’s global name system with a personal name system, enabling users to build personal administrative groups easily and intuitively, to establish secure bindings between his devices and with other users’ devices, and to name his devices and his friends

This document is concerned with security vulnerabilities in IPv6-in-IPv4 automatic tunnels. These vulnerabilities allow an attacker to take advantage of inconsistencies between the IPv4 routing state and the IPv6 routing state. The attack forms a routing loop that can be abused as a vehicle for traffic amplification to facilitate denialof-service (DoS) attacks. The first aim of this document is to inform on this attack and its root causes. The second aim is to present some possible mitigation measures. It should be noted that at the time of this writing there are no known reports of malicious attacks exploiting these vulnerabilities. Nonetheless, these vulnerabilities can be activated by accidental misconfiguration. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet

Abstract. IPv6 addresses are longer than IPv4 addresses, and are so capable of greater expression. Given an IPv6 address, conventions and standards allow us to draw conclusions about how IPv6 is being used on the node with that address. We show a technique for analysing IPv6 addresses and apply it to a number of datasets. The datasets include addresses seen at a busy mirror server, at an IPv6enabled TLD DNS server and when running traceroute across the production IPv6 network. The technique quantifies differences in these datasets that we intuitively expect, and shows that IPv6 is being used in different ways by different groups. 1

Tunnels are widely used to improve security and to expand networks without having to deploy native infrastructure, and play an important role in the migration to IPv6. In this paper we introduce a number of techniques to detect, and collect information about, IPv6-in-IPv4 tunnels. We also show how, once a tunnel has been discovered, it can be used as a “vantage point ” to launch third-party tunnel-discovery explorations, scaling up the discovery process. We describe the Tunneltrace tool which implements the proposed techniques, and validate them by means of a wide experimentation on the 6bone tunneled network, on the Italian Academic and Research network, and through the test boxes deployed worldwide by the RIPE NCC as part of the Test Traffic Measurements Service. We assess to what extent 6bone registry information is coherent with the actual network topology, and we provide the first experimental results on the current distribution of IPv6-in-IPv4 tunnels in the Internet, showing that tunnels are very common: even the “native ” networks we tested reach more than 60 % of all IPv6 prefixes through tunnels.