MUGS, IPv6 and Secure Distributed Sensor Webs Will Ivancic NASA Glenn Research Center [email protected]

MUGS, IPv6 and Secure Distributed Sensor Webs

Will Ivancic

NASA Glenn Research Center

[email protected]

Outline

• VMOC/CLEO/SSTL Routing

• Router key configurations

• Ground Stations

• Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs– Large File Transfer Using Multiple Ground

Stations– Sensor Webs

VMOC/CLEO/SSTL Routing

SSTL.Private.0/24 SSTL.Public.0/24

SSTL.Private.0/24

S 0/0 (Unnumbered)

FA0/1

Internet

FA0/0

OBP.OBP

Data Workstation

WS1

TelemetryWorkstation

WS3

SSDR0Power

PC.SSDR0

SSDR1Power

PC.SSDR1

SSDR2SA

1100.SSDR3

SSTLNormal

Operations


S 0/0 (Unnumbered)

FA0/1

Internet

FA0/0

OBPSSTL.Private.OBP

Data Workstation

WS1


WS3

SSDR0Power

PC

SSDR1Power

PC

SSDR2SA

1100

Serial1/0.1 CLEO.MobNet.S1/0.Int

roam


roam


roam

CLEOLoopback 0SSTL.PrivateCLEO_Loopbackip route 0.0.0.0 0.0.0.0 Serial1/1.1 245ip route SSTL.Private.SSDR0 255.255.255.255 Serial1/0.1ip route SSTL.Private.SSDR1 255.255.255.255 Serial1/1.1ip route SSTL.Private.SSDR3 255.255.255.255 Serial1/2.1

SSTL.Private.SSDR0

SSTL.Private.SSDR1

SSTL.Private.SSDR3

CLEOSupporting

NormalOperations


S 0/0 (Unnumbered)

FA0/1

Internet

FA0/0

OBPSSTL.Private.OBP

Data Workstation

WS1


WS3

SSDR0Power

PC

SSDR1Power

PC

SSDR2SA

1100

Serial1/0.1 CLEO.MobNet.S1/0.Int/30

roam


roam


roam

CLEOMobile RouterLoopback 1CLEO.MobNet.CLEO_Loopback

CLEO.MobNet.S1/0.SSDR



CLEOSupporting

MobileNetworking CLEO

Home AgentLoopback 1CLEO.MobNet.HA.LoopbackVirtual NetworksCLEO.MobNet.Net / 27vflatsat.MobNet.Net / 28EngModel.MobNet.Net / 27 Future.MobNet.Net / 28

SSTLForeign AgentCare-of-AddressSSTL.Public.FARouter

CLEOHome AgentLoopback 1CLEO.MobNet.HA.LoopbackVirtual NetworksCLEO.MobNet.Net / 27vflatsat.MobNet.Net / 28EngModel.MobNet.Net / 27 Future.MobNet.Net / 28


S 0/0 (Unnumbered)

FA0/1

Internet

FA0/0

OBPSSTL.Private.OBP

Data Workstation

WS1


WS3

SSDR0Power

PC

SSDR1Power

PC

SSDR2SA

1100

Serial1/0.1 CLEO.MobNet.S1/0.Int/30

roam


roam


roam

CLEOMobile RouterLoopback 1192.55.90CLEO_Loopback




CLEOSupporting

MobileNetworking

SSTLForeign AgentCare-of-AddressSSTL.Public.FARouter

1

4

3

2

5CLEOHome AgentLoopback 1CLEO.MobNet.HA.LoopbackVirtual NetworksCLEO.MobNet.Net / 27vflatsat.MobNet.Net / 28EngModel.MobNet.Net / 27 Future.MobNet.Net / 28


S 0/0 (Unnumbered)

FA0/1

Internet

FA0/0

OBPSSTL.Private.OBP

Data Workstation

WS1


WS3

SSDR0Power

PC

SSDR1Power

PC

SSDR2SA

1100


roam


roam


roam

CLEOinterface Loopback1001 ipv6 address 2001:4D0:8A00:5001::1001/128interface Loopback2001ipv6 address 2001:4D0:8A00:5001::2001/128

ipv6 route ::/0 Serial1/0.1

SSTL.Private.SSDR0

SSTL.Private.SSDR1

SSTL.Private.SSDR3

CLEOSupportingIPv6 NormalOperations

HA

IPv4 IPsec Tunnel

IPv6 in IPv4 Tunnel

IPv6 Routing

IPv6 Routing

…5002::/64

IPv6 - HAIPv6 Routing Table - 10 entries

Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP

U - Per-user Static route

I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea

S 2001:4D0:8A00:5001::1001/128 [1/0]

via ::, Tunnel161

S 2001:4D0:8A00:5001::1002/128 [1/0]

via ::, Tunnel161

S 2001:4D0:8A00:5001::2001/128 [1/0]

via ::, Tunnel162

S 2001:4D0:8A00:5001::2002/128 [1/0]

via ::, Tunnel162

L 2001:4D0:8A00:5002::1/128 [0/0]

via ::, FastEthernet0/0

C 2001:4D0:8A00:5002::/64 [0/0]

via ::, FastEthernet0/0

L FE80::/10 [0/0]

via ::, Null0

L FF00::/8 [0/0]

via ::, Null0

interface Tunnel161 no ip address ipv6 enable tunnel source FastEthernet0/0 tunnel destination 10.10.81.2 tunnel mode ipv6ip!interface Tunnel162 no ip address ipv6 enable tunnel source FastEthernet0/0 tunnel destination 10.227.81.2 tunnel mode ipv6ip!interface Tunnel163 no ip address ipv6 enable tunnel source FastEthernet0/0 tunnel destination 10.100.100.254 tunnel mode ipv6ipipv6 route 2001:4D0:8A00:5001::1001/128 Tunnel161ipv6 route 2001:4D0:8A00:5001::1002/128 Tunnel161ipv6 route 2001:4D0:8A00:5001::2001/128 Tunnel162ipv6 route 2001:4D0:8A00:5001::2002/128 Tunnel162

IPv6 - FAIPv6 Routing Table - 9 entries


U - Per-user Static route

I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary

O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1,

OE2 - OSPF ext 2

ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

S 2001:4D0:8A00:5001::1001/128 [1/0]

via ::, Serial0/0.1

LC 2001:4D0:8A00:5001::1002/128 [0/0]

via ::, Serial0/0.1

S 2001:4D0:8A00:5001::2001/128 [1/0]

via ::, Serial0/0.1

S 2001:4D0:8A00:5001::3001/128 [1/0]

via ::, Serial0/0.1

S 2001:4D0:8A00:5001::4001/128 [1/0]

via ::, Serial0/0.1

S 2001:4D0:8A00:5001::5001/128 [1/0]

via ::, Serial0/0.1

S 2001:4D0:8A00:5002::/64 [1/0]

via ::, Tunnel161

interface Tunnel161 no ip address ipv6 enable tunnel source Serial0/0.1 tunnel destination 192.55.90.222 tunnel mode ipv6ip!interface Serial0/0.1 point-to-point ip unnumbered FastEthernet0/0 ip nat inside ip irdp ip irdp maxadvertinterval 10 ip irdp minadvertinterval 7 ip irdp holdtime 30 ip mobile foreign-service no ip mroute-cache ip policy route-map mr_subnets ipv6 address 2001:4D0:8A00:5001::1002/128 ipv6 enable no arp frame-relay no cdp enable frame-relay interface-dlci 17!ipv6 route 2001:4D0:8A00:5001::1001/128 Serial0/0.1ipv6 route 2001:4D0:8A00:5001::2001/128 Serial0/0.1ipv6 route 2001:4D0:8A00:5001::3001/128 Serial0/0.1ipv6 route 2001:4D0:8A00:5001::4001/128 Serial0/0.1ipv6 route 2001:4D0:8A00:5001::5001/128 Serial0/0.1ipv6 route 2001:4D0:8A00:5002::/64 Tunnel161

IPv6 – CLEO-EMIPv6 Routing Table - 8 entries


I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea

LC 2001:4D0:8A00:5001::1001/128 [0/0]

via ::, Loopback1001

LC 2001:4D0:8A00:5001::2001/128 [0/0]


LC 2001:4D0:8A00:5001::3001/128 [0/0]


LC 2001:4D0:8A00:5001::4001/128 [0/0]


LC 2001:4D0:8A00:5001::5001/128 [0/0]


L FE80::/10 [0/0]

via ::, Null0

L FF00::/8 [0/0]

via ::, Null0

S ::/0 [1/0]

via ::, Serial1/0.1

interface Loopback0 ip address 192.168.1.245 255.255.255.255interface Loopback1 ip address 10.55.90.245 255.255.255.255interface Loopback1001 no ip address ipv6 address 2001:4D0:8A00:5001::1001/128interface Loopback2001 no ip address ipv6 address 2001:4D0:8A00:5001::2001/128interface Loopback3001 no ip address ipv6 address 2001:4D0:8A00:5001::3001/128interface Loopback4001 no ip address ipv6 address 2001:4D0:8A00:5001::4001/128interface Loopback5001 no ip address ipv6 address 2001:4D0:8A00:5001::5001/128!

ipv6 route ::/0 Serial1/0.1

Large File Transfer Using Multiple Ground Stations

HomeAgent(GRC)

Battlefield Operations

(Vandenberg AFB)

Segovia NOC

2nd Ground Station

VMOC-2(GRC)

SSTL

VMOC-1

Open Internet

VMOCDatabase

ExperimentsWorkstationSatellite

Scheduler& Controller

Rate MismatchProblem

Desire is to buffer locally

while in sight of the satellite

then redistribute to the VMOC

<<- Time <<-

Home Agent

VMOC

Open Internet

VMOCDatabase

SatelliteScheduler

& Controller

Ground Station 3

Ground Station 2Ground

Station 1

->> Time ->>

Multi-Ground Station Emulation using the

UK-DMC Engineering Model

Spirent(Adtech)SX/14

ChannelEmulator

Sx/14ChannelEmulator

3640Configured asFrame Relay

Switch

EmulatedForeign AgentGround Router

Network A

EngineeringModel

Mobile RouterCisco 3251

3640Configured asFrame Relay

Switch

8 Mbps 9600 bpsClock

SourceClockSink

DCE

DTE DCE DCE DTE DCEDC

E W

est

DT

E E

ast

Null Modem Cable (Both Systems Supply Clock)

Channel Timing:from DTE & DCE

2-PortSerialSwitch

EmulatedForeign AgentGround Router

Network B

DCE

HomeAgent

Ground Stations

HomeAgent(GRC)

US Army Space & Missile Defense

Battle LabColorado Springs

Segovia NOC

Multi-User Ground Station (MUGS)

Colorado Springs, COSSTL

Guildford England

VMOC-1(GRC)

Open Internet

VMOCDatabase

ExperimentsWorkstationSatellite

Scheduler& Controller

Hiroshima Institute of Technology

Hiroshima, Japan

Universal Space NetworksGround Network

Alaska, Hawaii and Australia

Open Internet

Which should lead to some interesting security and scheduling work!

US Army Space & Missile Defense (US Govt - .mil)

Surrey Satellite Technology Limited

(UK Industry)

Virtual Mission Operations Center

(US Govt. - .gov)

Mobile-IP NEMOHome Agent

(US Govt. - .gov)

Hiroshima Institute of Technology

(Japan Academia - .edu)

Universal Space Network - Alaska

(US Industry - .com)

Universal Space Network - Hawaii

(US Industry - .com)

Universal Space Network - Australia (US Industry - .com)

Sensor Web

Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs

• Development of architectures and protocols to enable time- critical interaction between space and ground systems;

• Secure, interoperation between sensor webs owned and controlled by various entities;

• Development of the network mobility technology including ad hoc network technology and reachback mechanisms to allow for rapid deployment of, and communication with remote mobile sensor webs.

Goals – Integrating Sensors

• The ability to access sensor webs – in particular space-based sensors – in a time-critical manner will enable new observation measurements and information products.

• The ability to integrate sensor webs owned and controlled by various parties will reduce the risk, cost, size, and development time for Earth science space-based and ground-based information systems.

Scenarios

• Seismic Monitoring / Buoys– Tsunami– Earth Quakes

• USGS Water Gauges– Flooding

• Weather Prediction• UAV/Satellite Integration

– NASA Dryden UAV with Synthetic Aperture Radar

Self-Forming Communication

Path

Reach back to Internet

Communication Path

Mining / Cave/Canyon Exploration

Documents

MUGS, IPv6 and Secure Distributed Sensor Webs Will Ivancic NASA Glenn Research Center [email protected]