Asst Professor Nanyang Technological University 1
TCP/IP LAN : : IPv4 NGI, NGN, GENI, AGN, Veno II 2
TCP/IP : TCP 3
Cont'd. 1974: Vinton Cerf, Robert Kahn, "A Protocol for Packet Network Intercommunication", IEEE Trans. on Comm. TCP target: provide reliable data comm over unreliable medium (e.g. link(s), intermediate nodes). Application to application / process to process / e2e. MSN/Email: "I love you!" "I hate you". Mosaic, Netscape, IE explorer. 4
TCP/IP : IPLAN App 2 App 2 5
Physical World: Technology and Market. [Diagram: routers (R)] 1978. Networking. IP Target: Universal Networking infrastructure; Addressing Universally; Routing. Cisco unifies all small markets and creates a bigger market (grabs this 6
LAN/WAN in 70s/80s Internet in 80s/90s 7
TCP and IP: If there is no IP, what happened to TCP? No network, no users. If there is no TCP, what happened to IP? No reliable communications -> no killer appl. IP,, LAN TCP Complementary Today's Internet 8
Layering View LAN. Applications are quite bound to different types of networks and lack flexibility. By introduction of a universal platform (TCP/IP): no need to spend time on individual networks; provide one universal platform for developing more applications. Cisco was born. [Diagram: App. 1, App. 2, App. 3, ... App. n over TCP / UDP, over IPv4, over Ethernet, Token Ring, FDDI, new] 9
: (VenoSEC) VenoSEC provides transparent end-to-end security. [Diagram: HTTP, Telnet, FTP, POP... at each end; inserted security module at each end; end-to-end secure channel across the Internet through Firewall, NAT, VPN] Secure channel: data channel is protected with encryption and integrity check. Insecure: attackers can eavesdrop or modify the data. 11
Based on specific applications: SSH, SFTP, SMIME, HTTPS. Based on network links or network infrastructure, rather than end/user: IPSEC VPN, WEP, Firewall, IDE. Others, e.g., secure infrastructure (static). Analogy to TCP's emphasis on e2e rather than links or intermediate nodes. 12
VenoSEC Architecture (static ) (Group Users Scenario) Group 1 VG1 Secure Channel VG2 Group 2 Internet Secure Channel Secure Channel Users are organized into groups VG3 Group 3 13
VenoSEC Architecture: Trusted Infrastructure is Formulated Dynamically (End Users Scenario). [Diagram: Secure Overlay Network, Internet, Secure Channel] Users are self-organized into a secure overlay network. No centralized security management. As long as your thumb drive is around you! 14
VenoSEC? Realize reliable and secure data comm over unreliable medium; realize trusted comm over untrusted networking infrastructure. Application to application / process to process / e2e. MSN/Email/FTP/Telnet/WWW: "I love you!" "I hate you" 15
: IPv4 Internet users are not able to access private IP networks Private IP based networks NAT? Mapping? 16
Cont'd. Example (name private address) resolution: abc1.tsinghua.edu.cn (mapped to private address: 192.168.0.1) ... abcn.tsinghua.edu.cn. Resolve: abc.ntu.edu.sg. 1. query: abc.ntu.edu.sg; 2. reply: can find; 3. query: vg.ntu.edu.sg; 4. reply: 155.69.103.10 VG; 5. query: abc.ntu.edu.sg; 6. reply: 192.168.0.1. [Diagram: Internet, abc, DNS Server, VG] 17
NGI by IETF IPv6 / (shortage of IP Address and security) GENI by NSF Trusted Computing by TCG (companies) AGN by DARPA NGN by ITU Soft switcher 4G/WiMAX 18
What is NGN? ITU QoS. 20
Idea in NGN NGN Data Internet 21
NGN /VoIP NGN TCP/UDP/SCTP Internet IP Internet 22
What's NGI? NGI TCP/IP Internet NGI concepts paper, in 1997 21 NGI NGI 1 2 3 3 Internet NGI 23
Idea in NGI Voice Internet NGI 24
Internet 2: An example of NGI NGI Internet 2. Internet2 200 Internet IPv6 Internet 2 IPv6 25
Architecture: Concrete or Illusive? NGN by ITU Soft switcher NGI by IETF IPv6 / (shortage of IP Address and security) Trusted Computing by TCG (companies) GENI by NSF AGN by DARPA 26
What is Veno II? 28
What is Veno II? Data applications (www, etc) TCP (Reno) UDP DCCP IPv4 29
Internet Today Next Generation Comm. VoIP Data applications TCP (Reno, Veno..) UDP IPv4 IPv6 3G Optical Satellite WLAN Wired Internet Today 30
Veno II NGN NGI NGN Veno II NGI 100x100 project 4G 100% 0% 100% 31
2. Veno II : virtual connection-oriented 32
2. Veno II : virtual connection-oriented (cont'd) Company network IP Router College network Company network Company Network 33
Veno II Veno II Gateway, IP Router 34
Veno II: Trusted Infrastructure is Formulated by VenoSEC. [Diagram: Secure Overlay Network, Internet, Secure Channel] Users are self-organized into a secure overlay network. No centralized security management. As long as your thumb drive is around you! 36
The soul/platform of telecom, Internet and TV broadcast 37
Veno II De facto Standard? YES! 38
IP DEC IBM 3COM MIT Berkeley Vinton Cerf 39
Cont'd IP cisco Veno II IP Internet Veno II 40
CERNET SUN Microsystem Inc The Chinese University of Hong Kong AOE-IT, Hong Kong UC Berkeley (ACIRI) Linux OS (TCP Veno) My teachers, students, friends and lovers. 41
Thank You! Q & A 42
Veno II Benefit: All Applications are Supported Universally A New Platform Data: Email, FTP, WWW Stream: VoIP, IPTV Games Industry 43