Coalition Networking

1

• Coalition Networking
• in INSC

Dr. John Robinson RNS/VPNT/CRC
2

• Technical Architecture for a Coalition Internet
• INSC Test Demonstration Network
• Exploitation and Transition

3
INSC Coalition Deployment Scenario
4
STANAG 5048
Strategic WAN
National DHQ
National DHQ
NATO
Theatre Operational WAN
LogCC
CJTFHQ
APOD
SPOD
ACC
MCC
LCC
MNTF
Tactical WANs
MN Div1
MN Div2
MN Bde
Nat Bde
5
INSC Operational Architecture
6
Component Area Framework
BUILDING BLOCKS ROUTING SECURITY MOBILITY MANAGEME
NT QoS DIRECTORIES
7

• The INSC Test Demonstration Network

8
Design Principles
There is only one coalition with two coalition
security domains. All the CLANs are at the same
security level, in one closed VPN. The JCWAN,
the LWAN and the MWAN are separate
interconnected Autonomous Systems. Some
coalition member nations will have national LANs
in seperated national VPNs.
9
Technical Architecture
10
The Coalition Local Area Network
11
The Coalition Local Area Network
TASK 2 Applications Environment
12
The Coalition Local Area Network
TASK 3 Network Management
13
The Coalition Local Area Network
TASK 8 Directories
14
The Coalition Local Area Network
TASK 4 Security
15
The Coalition Local Area Network
RED Routing - IPv4 IPv6 Traffic and Tunnels
TASK 5
16
The Coalition Local Area Network
BLACK Routing - IPv6 Traffic and Tunnels
TASK 5
17
The Coalition Local Area Network
18
National Contributions to the INSC Network
19
National Contributions to the INSC Network
TASK 7 SubNetworks - WAN Topologies
JCWAN
MWAN
LWAN
20
Canadian Testbed - General Architecture
21
Canadian Testbed - Detailed View
22
Highlights
The INSC Test Demonstration Network

• Integration of building block technologies into a
  multi-national coalition network
• ltIPSec, SNMP, OSPF, BGP, DiffServ, OLSR, MIPv6,
  OpenLDAPgt
• Practical experience with IPv4/IPv6 in a military
  context
• VPN across Transit Networks
• Distributed Network Management
• Dynamic routing
• End-to-End QoS
• Mobile Networks
• Robust Directories

23

• Exploitation and Transition

24
Technical Accomplishments
Distributed network management employing IPv4
SNMPc for management information transfer via
v4/v6 tunnels. First prototype IPv6/IPSec
implemented for FreeS/WAN Linux. OLSR code
ported to IPv6. New MIPv6 and OLSR routing
extensions defined to enable MIPv6 support with
OLSR. QoS in MANETs. Directory service
supporting DNS in the red and black networks, and
a repository service for PKI.
25
Project Accomplishments
Architecture for a deployed Coaltion Force has
been developed validated This is the 1st
major investigation of v4/v6 in military
context. The INSC products (design concepts,
expertise) are valuable for future
coalitions INSC has demonstrated that such a
network can be built. Considerable care must be
taken in managing the configuration.
26
Lessons Learned
RD is important in the commercial standards
process.
IPv6 core technologies are becoming mature and
stable.
Security Architecture is simple and flexible but
the design impacts QoS, Management and Routing.
27
Transition
National IPv6 Transition Policies US DoD, Ge
MoD Fr MoD (tba) have declared the intent to
transition to IPv6. National Systems German
Army - KINTOP II USA Navy - ADNS
28
CA
FR
US
GE
UK
NO
IT
NC3A
NL
29
Mobility in the Architecture
TASK 6
30
QoS in the Architecture
TASK 5