\subsection{Address allocation}
Considering the TCP/IP protocol suite, in order to be able to communicate on the
IP layer, a device needs to configure one of its network interfaces with
an IP address that can be reached from the network that the device wants to connect
to. There are several ways of achieving this:

\begin{itemize}
  \item The IP address is pre-selected by a human and stored in the device
    configuration. This process is cumbersome when more than one device needs to
    be configured, because humans have to remember which addresses are
    configured on which device, and which addresses are still free to use on
    additional devices.

  \item A central server is deployed that assigns network addresses
    to the devices in the network, which in turn query the server (for example
    via broadcast or on a lower layer) for a unique address before they use the
    IP layer for the first time. This technique removes the dependency on
    human memory for mapping IP addresses to devices, and can easily be combined
    with additional central configuration management, like the automatic
    assignment of a static gateway or a DNS resolver.\\
    The DHCP protocol is one example of central IP address management.

  \item A third alternative is the use of a distributed protocol which enables
    the devices on the network to choose addresses in coordination with the
    other devices on the same network, so no IP address is used more than once.
    With respect to the Internet of Things, this approach has the advantage that
    those devices can easily be used in different scenarios without needing
    central deployment at all, and that they can change their addresses
    dynamically and so react easily to changes in the network. \\
    There are two major protocols which are used for dynamic configuration of IP
    addresses. In the IPv4 world, Link-Local Addressing~\cite{rfc3927} is often
    used, and in IPv6 networks, Stateless Address
    Autoconfiguration~\cite{rfc4862} is a fundamental feature built into every
    device.

\end{itemize}

\paragraph{IPv4 Link-Local Addressing}

\term{Link-Local Addressing}, also known as \term{Automatic Private IP
Addressing (APIPA)} or \term{Zeroconf}, uses the IPv4 subnet
\code{169.254.0.0/16} for addressing. Every device first chooses a random
address from that address space. Then it checks whether the chosen address is
used by any other device on the network by probing the chosen address, which is
usually done using the ARP protocol. If the probing shows that the
address is not used on the network (e.~g. no device returned an ARP response
during a random time interval), the device claims its chosen address and uses it
for communication on the IPv4 layer. If the chosen address is already used, the
device repeats the process, choosing a new random address and
trying to claim it, until a free address has been found.

\paragraph{IPv6 Stateless Address Autoconfiguration}

Similar to IPv4 Link-Local Addressing, devices configured with \term{IPv6
Stateless Address Autoconfiguration} use an IPv6 address from the subnet
\code{fe80::/64}. First, an \term{interface identifier} is generated using the
interface's MAC address. Since MAC addresses must be unique in the network, a
unique IPv6 address is obtained by combining the subnet prefix and the interface
identifier. To ensure that no other device exists with this generated IPv6
address, the device performs \term{Duplicate Address Detection} on the network
through \term{Neighbor Advertisement} messages and listening for \term{Neighbor
Solicitation} messages. If such messages are received from other hosts, the
configured address cannot be used by the device and must be discarded.
Therefore, in order to use IPv6 effectively, it must be guaranteed that MAC
addresses are unique on the network.
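
The derivation described in the paragraph above, as an added Python example that is not part of the original document. It assumes the interface identifier is the modified EUI-64 form (RFC 4291, Appendix A); the function names and the inventory are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

LINK_LOCAL_PREFIX = ipaddress.IPv6Network("fe80::/64")


def interface_identifier(mac: str) -> bytes:
    """Modified EUI-64 identifier derived from a 48-bit MAC address."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    # Flip the universal/local bit of the first octet and insert ff:fe
    # between the vendor part and the device part of the MAC address.
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]


def link_local_address(mac: str) -> ipaddress.IPv6Address:
    """Combine the fe80::/64 prefix with the interface identifier."""
    iid = int.from_bytes(interface_identifier(mac), "big")
    return ipaddress.IPv6Address(int(LINK_LOCAL_PREFIX.network_address) | iid)


def duplicate_addresses(inventory):
    """Group hosts by derived address; a group of two or more hosts means
    Duplicate Address Detection would reject the address for one of them."""
    by_addr = defaultdict(list)
    for host, mac in inventory:
        by_addr[link_local_address(mac)].append(host)
    return {addr: hosts for addr, hosts in by_addr.items() if len(hosts) > 1}


# Constructed inventory: vm-clone kept the MAC address of vm-template.
INVENTORY = [
    ("sensor-1", "00:1a:2b:3c:4d:5e"),
    ("vm-template", "52:54:00:12:34:56"),
    ("vm-clone", "52-54-00-12-34-56"),
]

if __name__ == "__main__":
    for host, mac in INVENTORY:
        print(f"{host:12} {mac}  ->  {link_local_address(mac)}")
    for addr, hosts in duplicate_addresses(INVENTORY).items():
        print(f"duplicate {addr}: {', '.join(hosts)}")
```

Running it over an asset inventory before deployment shows which devices share a MAC address and would therefore collide on the link.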

In contrast to IPv4 Link-Local Addressing, IPv6 Stateless Address
Autoconfiguration can also be used with a central server. In this case, a
central server broadcasts \term{Router Solicitation} messages on the network
which contain a global network prefix. The hosts on the network can then use
that prefix instead to configure a global IPv6 address.

% vim: set ft=tex et ts=2 sw=2 :