Cullen Jennings’s Presentation at eComm 2009
How Your ISP Plans to "Help" You, and Break the Internet

Transcript

  1.  
  2. NATs Good, Bad, and Complicated
     How your ISP plans to “Help” you, and break the Internet
     Cullen Jennings <fluffy@cisco.com>
  3. IPv4 Completion
       • True or False: Stanford has more addresses than China?
       • [Graphs as of Nov 2008 from www.potaroo.net]
     World as we know it ends Real Soon Now
  4. What NATs do: 10,000 Foot View
       • Allow several sessions to different devices behind the NAT to look like multiple sessions from a single device to the outside world
       • NAT looks like a router to devices inside the NAT
       • NAT looks like a single host to devices outside the NAT
     [Diagram labels: Outside, Inside]
  5. Carrier Grade NAT
       • What does “Carrier Grade” mean?
           • Carriers run it
           • It is big and fast
           • It can do policy
           • It is not on the edge of the network
  6. NAT Traversal
  7. The Problem
     [Diagram labels: Cullen, cisco.com, skype.com, Jonathan; SIP INVITE messages; RTP]
  8. Hole Punching
       • Works for NATs with:
           • address independent mapping and address independent filtering
     [Diagram: Echo Server, NAT (N), Peer]
       1) What’s my address?
       2) You are at N:100
       3) Send to N:100
       4) Data
  9. Media Relay
       • Works with all NATs
       • Requires bandwidth for relay and adds latency
     [Diagram: Relay Server (R), NAT (N), Peer]
       1) Give me a port
       2) You can use R:100
       3) Send to R:100
       4) Data
  10. The Latency Problem
       • Communication is often between parties in same geography
       • When parties are separated, relay is often off path
       • Human communications work best at < 150ms latency
           • Games require even less latency
     [Two diagrams, each with A, B and RELAY; labels: Tokyo, Tokyo, Taipei, 45 ms, 45 ms, 20 ms, Taipei, 150 ms, Amsterdam, San Jose, 140 ms, 280 ms]
  11. ICE
     [Diagram: Relay Server (R), NAT (N), Peer, P, Echo Server]
       1) Gather Address
           • P:100 private
           • N:200 from Echo
           • R:300 from Relay
       2) Try all of P:100, N:200, R:300
       3) Check connectivity
       4) Choose
           • Use N:200
  12. NATs, Carriers, And you
  13. Carrier Grade NAT “Features”
       • Limit number of connections per user (more for “Gold” users)
       • Point to rate shape bandwidth
       • Small timeout to reduce attacks on “guessed ports”
       • Block “unsafe” ports like 25
       • Protect Identity with anonymous streams.
           • No longer possible to correlate same person surfs
           • http://www.flickr.com/photos/cullenfluffyjennings
           • http://www.adultsheepfinder.com
  14. AJAX
       • Over 30 TCP Connections for Google map
       • Bittorrent uses many TCP connections
       • Future applications will use far more connections
       • Applications will be “connected” more often
       • Each user will have more “applications” at same time
       • How many IM sessions do you have open?
  15. IPv4 Completion [Graphs as of Nov 2008 from www.potaroo.net]
  16. Example Large ISP Address Usage
       • May 2008, Comcast said it would need over 100 Million IP in near future
       • For each subscriber have 8 IP addresses with 20 Million video customers
           • 1 Cable Modem
           • 1 Home Router
           • 1 Voice MTA
           • 2 per Set Top Box with 2.5 STB/customer
  17. Good News / Bad News
  18.  
  19.  
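
The hole punching, media relay and ICE flows on slides 8, 9 and 11, as an added example that is not part of the original slides: a toy NAT model showing why the reflexive address only works with address independent mapping and filtering, and why the relay is the fallback. The names `Nat`, `hole_punch`, `media_relay` and `ice_choose` are hypothetical, and only the one-way flows drawn on the slides are modelled; a real ICE agent runs connectivity checks from both ends.

```python
from dataclasses import dataclass, field

@dataclass
class Nat:
    """Toy NAT with public address "N"; a constructed model, not a real NAT."""
    addr_independent_mapping: bool
    addr_independent_filtering: bool
    next_port: int = 100
    mappings: dict = field(default_factory=dict)   # mapping key -> public port
    contacted: dict = field(default_factory=dict)  # public port -> remotes sent to

    def outbound(self, inside, remote):
        """Inside host sends to remote; return the public port the remote sees."""
        key = inside if self.addr_independent_mapping else (inside, remote)
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.next_port += 1
        port = self.mappings[key]
        self.contacted.setdefault(port, set()).add(remote)
        return port

    def inbound(self, port, remote):
        """True if a packet from remote to N:port is forwarded to the inside host."""
        if port not in self.contacted:
            return False
        return self.addr_independent_filtering or remote in self.contacted[port]

def hole_punch(nat, inside="P", echo="Echo", peer="Peer"):
    """Slide 8: learn N:port from the echo server, then the peer sends data to it."""
    port = nat.outbound(inside, echo)   # 1) What's my address?  2) You are at N:port
    return nat.inbound(port, peer)      # 3) Send to N:port      4) Data

def media_relay(nat, inside="P", relay="R"):
    """Slide 9: the client opened the path to the relay, so relayed data gets in."""
    port = nat.outbound(inside, relay)  # 1) Give me a port      2) You can use R:port
    return nat.inbound(port, relay)     # 3) peer sends to R     4) relay forwards data

def ice_choose(nat, peer_is_inside=False):
    """Slide 11: check every candidate, then use the cheapest one that works."""
    checks = [("private", peer_is_inside),   # P is only reachable from inside the NAT
              ("reflexive", hole_punch(nat)),
              ("relay", media_relay(nat))]
    return next(kind for kind, ok in checks if ok)

if __name__ == "__main__":
    for mapping, filtering in [(True, True), (True, False), (False, False)]:
        print(mapping, filtering, ice_choose(Nat(mapping, filtering)))
```
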
