Tunnels are widely used to improve security and to expand networks without having to deploy native infrastructure. They play an important role in the migration to IPv6, which relies on IPv6-in-IPv4 tunnels where native connectivity is not available. However, tunnels offer lower performance and are less reliable than native links. In this paper we introduce a number of techniques to detect, and collect information about, IPv6- in-IPv4 tunnels, and show how a known tunnel can be used as a “vantage point” to launch third-party tunnel-discovery explorations, scaling up the discovery process. We describe our Tunneltrace tool, which implements the proposed techniques, and validate them by means of a wide experimentation on the 6bone tunneled network, on native networks in Italy, the Netherlands, and Japan, and through the test boxes deployed worldwide by the RIPE NCC as part of the Test Traffic Measurements Service. We assess to what extent 6bone registry information is coherent with the actual network topology, and we provide the first experimental results on the current distribution of IPv6-in-IPv4 tunnels in the Internet, showing that even “native” networks reach more than 60 percent of all IPv6 prefixes through tunnels. Furthermore, we provide historical data on the migration to native IPv6, showing that the impact of tunnels in the IPv6 Internet did not significantly decrease over a six-month period. Finally, we briefly touch on the security issues posed by IPv6-in-IPv4 tunnels, discussing possible threats and countermeasures. -

Lorenzo, C., DI BATTISTA, G., Patrignani, M. (2004). IPv6-in-IPv4 tunnel discovery: methods and experimental results. IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 1, 2-10 [10.1109/TNSM.2004.4623692].

IPv6-in-IPv4 tunnel discovery: methods and experimental results

DI BATTISTA, Giuseppe;PATRIGNANI, Maurizio
2004-01-01

Abstract

Tunnels are widely used to improve security and to expand networks without having to deploy native infrastructure. They play an important role in the migration to IPv6, which relies on IPv6-in-IPv4 tunnels where native connectivity is not available. However, tunnels offer lower performance and are less reliable than native links. In this paper we introduce a number of techniques to detect, and collect information about, IPv6- in-IPv4 tunnels, and show how a known tunnel can be used as a “vantage point” to launch third-party tunnel-discovery explorations, scaling up the discovery process. We describe our Tunneltrace tool, which implements the proposed techniques, and validate them by means of a wide experimentation on the 6bone tunneled network, on native networks in Italy, the Netherlands, and Japan, and through the test boxes deployed worldwide by the RIPE NCC as part of the Test Traffic Measurements Service. We assess to what extent 6bone registry information is coherent with the actual network topology, and we provide the first experimental results on the current distribution of IPv6-in-IPv4 tunnels in the Internet, showing that even “native” networks reach more than 60 percent of all IPv6 prefixes through tunnels. Furthermore, we provide historical data on the migration to native IPv6, showing that the impact of tunnels in the IPv6 Internet did not significantly decrease over a six-month period. Finally, we briefly touch on the security issues posed by IPv6-in-IPv4 tunnels, discussing possible threats and countermeasures. -
2004
Lorenzo, C., DI BATTISTA, G., Patrignani, M. (2004). IPv6-in-IPv4 tunnel discovery: methods and experimental results. IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 1, 2-10 [10.1109/TNSM.2004.4623692].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11590/134178
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 21
  • ???jsp.display-item.citation.isi??? ND
social impact