local-link networking
DESCRIPTION
Presentation on Local-Link Networking given at CarolinaCon4. Overview of LAN protocols past and present.
TRANSCRIPT
What is Local-Link?
Any grouping of hosts that are directly reachable from one another without requiring a router or gateway.
• Local Area Networks
• Workgroups
• Peer Networks
• Ad-Hoc Networks
• Broadcast Domains
LAN Protocols
Golden Age LAN Protocols
• NetBEUI (Windows Native)
• AppleTalk (Mac Native)
• IPX/SPX (Novell)
TCP/IP Local-Link Protocols
• UPnP (Windows Native)
• Zeroconf (Mac Native “Bonjour”)
• SLP (Smells like Novell)
Why Local-Link?
Same reasons LANs were fun
• GAMES!!!
• Printers
• Entertainment and Home Automation
• Ad-Hoc and Disposable Networks
• Digital Living Network Alliance
Why Local-Link? (cont.)
• UPnP – SOHO/firewall devices
• Zeroconf – Network Printers
Local-Link Architecture
(Slide diagram: the local-link layers mapped against the TCP/IP stack.)
Local-link layers, top to bottom: APPLICATION, DISCOVERY, NAMING, ADDRESSING
TCP/IP stack, top to bottom: APPLICATION, TRANSPORT, NETWORK, DATA-LINK
UPnP stack: UPnP (application), SSDP (discovery), APIPA (addressing)
TCP/IP Local-Link Zeroconf stack: DNS-SD (discovery), mDNS (naming), APIPA (addressing)
SLP (discovery)
Primum non Nocere
MUST NOT cause harm to the network
Zeroconf protocols are designed to operate nicely or in concert with managed networks.
Each layer is “à la carte”: it can operate entirely ad-hoc, as a hybrid with managed infrastructure, or be disabled.
Addressing Layer
Dynamic Host Configuration Protocol
RFC 2131
If a DHCP server exists on the network, IP assignment behaves traditionally.
If DHCP fails, the network is considered unmanaged and APIPA takes over.
Addressing Layer (Cont.)
Automatic Private IP Assignment
RFC 3927 – (169.254/16 Prefix)
Selects a random host address inside the 169.254/16 range.
Checks that the address is unused via an ARP request.
Sends a claiming ARP to clear stale ARP caches.
Naming Layer
Why? IP addresses aren’t user-friendly, and in APIPA they aren’t even significant.
What? Use the .local or .home TLDs in place of IP addresses.
How? Magic…err, Multicast DNS (mDNS).
Naming Layer (Cont.)
mDNS
Will attempt to resolve names over centralized DNS servers if possible.
Failing that, a DNS request is sent to a multicast address on UDP port 5353.
Naming Layer (Cont.)
Name Request
A node first tries to resolve the name it wants for itself and waits for an answer. If nobody responds, the name is available and the node announces it by sending out an mDNS answer.
Nodes cache mDNS replies to save bandwidth and will answer requests on behalf of hosts that are temporarily unavailable.
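To make the name-request exchange concrete, here is an added example (not part of the talk or any Zeroconf implementation) that builds the mDNS query a node would multicast to 224.0.0.251:5353 and parses the answer that a claimant sends back. The host name, TTL and 169.254.x.x address in the sample response are constructed.

```python
import socket, struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353  # IPv4 mDNS group and port (RFC 6762)

def encode_name(name):
    """Encode a dotted name as length-prefixed DNS labels ending in a zero byte."""
    labels = [part.encode("ascii") for part in name.strip(".").split(".")]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def build_mdns_query(name, qtype=1):
    """One-question mDNS query (default: A record); mDNS queries use ID 0 and no flags."""
    return struct.pack("!HHHHHH", 0, 0, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, 1)

def decode_name(data, offset):
    """Decode a name at offset, following RFC 1035 compression pointers."""
    labels, end, jumped = [], 0, False
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:  # 2-byte pointer to an earlier copy of the name
            end = end if jumped else offset + 2
            offset, jumped = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF, True
            continue
        offset += 1
        if length == 0:
            return ".".join(labels), end if jumped else offset
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length

def parse_mdns_answers(data):
    """Return (name, type, cache_flush, ttl, rdata) for each record in the answer section."""
    _, _, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", data[:12])
    offset, answers = 12, []
    for _ in range(qdcount):  # skip any echoed questions
        offset = decode_name(data, offset)[1] + 4
    for _ in range(ancount):
        name, offset = decode_name(data, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", data[offset:offset + 10])
        rdata = data[offset + 10:offset + 10 + rdlen]
        offset += 10 + rdlen
        if rtype == 1 and rdlen == 4:
            rdata = socket.inet_ntoa(rdata)
        # bit 15 of the class field is the mDNS cache-flush flag, not part of the class
        answers.append((name, rtype, bool(rclass & 0x8000), ttl, rdata))
    return answers

# Constructed sample: authoritative answer mapping printer.local to an APIPA address,
# with the cache-flush bit set so listeners replace any stale cached record.
SAMPLE_RESPONSE = (struct.pack("!HHHHHH", 0, 0x8400, 0, 1, 0, 0)
                   + encode_name("printer.local")
                   + struct.pack("!HHIH", 1, 0x8001, 120, 4)
                   + socket.inet_aton("169.254.12.34"))
```

On a live link, `build_mdns_query("printer.local")` can be sent with a UDP socket to `(MDNS_GROUP, MDNS_PORT)` and the reply fed to `parse_mdns_answers`; the cache-flush flag is what lets a claimant override the cached answers other nodes hold for it.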
Discovery Layer
Why?
• Imagine never needing to portscan :D
• Port numbers are boring
• Network awareness: I want to know if the network I’m on has a web server…
How?
• DNS-SD
• SSDP
• SLP
Discovery Layer (Cont.)
DNS-Service Discovery (DNS-SD)
Service discovery, mDNS style
The raison d'être of Zeroconf
Discovery Layer (Cont.)
Broadcasting Bookmarks via DNS-SD
Discovery Layer (Cont.)
Simple Service Discovery Protocol (SSDP)
Service Location Protocol (SLP)
RFC 2608
Less popular
Application Layer
Universal Plug and Play (UPnP)
XML-SOAP
Standard Multi-Vendor Language
Implementations
• UPnP
• Bonjour
• Avahi
Security Concerns
• Denial of Service
• Spoofing
• MitM attacks
Questions?
More Resources
• RFC 2608
• RFC 3927
• http://www.zeroconf.org/
• http://www.multicastdns.org/
• http://www.dns-sd.org/
• http://www.upnp.org/
• http://developer.apple.com/networking/bonjour/
This presentation can be found at ERISresearch.org
ERIS Research
Internet Society
This work is licensed under the Creative Commons Attribution-Noncommercial 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.