Title :
Securing anycast communications in IPv6 networks by means of IPSec
Author :
Veiga, João ; Costa, Antonio ; Santos, Alexandre
Author_Institution :
Centro Algoritmi, Univ. of Minho, Braga, Portugal
Abstract :
Anycast is a new communication model, introduced by IPv6, relying in a communication paradigm of “one to any”. The primary characteristic of this model is that the information directed to an anycast address is to be received by any node within a set of nodes that share the same address. Anycast communications emerged as a simple paradigm to support server replication and as a simple and efficient alternative to load balancing strategies. On the other hand, although anycast communications are prone to a number of security threats, the conjunction of IPsec with anycast is hard to accomplish. This paper proposes a solution, using IPSec, able to provide secure communications between a client and a set of servers sharing the same anycast address. After a brief survey of the state of art of Anycast and IPSec technologies, the paper analyses experimental results from testing existing anycast and IPSec implementations, working together in real testbed scenarios. Then, a prototype implementation of the solution is developed, tested and evaluated. The proposed solution is totally based on IPSec and does not imply changes to any technology complying with the standards.
Keywords :
IP networks; multicast communication; resource allocation; telecommunication security; IPSec technology; IPv6 networks; anycast communications; communication model; communication paradigm; load balancing; secure communications; security threats; server replication; simple paradigm; Internet; Routing; Routing protocols; Security; Servers; Unicast; Anycast; IKE; IPSec; IPv6; load balancing; security;
Conference_Titel :
Software, Telecommunications and Computer Networks (SoftCOM), 2012 20th International Conference on
Conference_Location :
Split
Print_ISBN :
978-1-4673-2710-7