-mccann dmm flatarch 00 - Internet Engineering Task Force · -mccann dmm flatarch 00.txt March 26, 2012 . HUAWEI TECHNOLOGIES CO., LTD. 35pt : R153 G0 B0 : FrutigerNext LT Medium

HUAWEI TECHNOLOGIES CO., LTD.

www.huawei.com

47pt

30pt

反白

:

FrutigerNext LT Medium

: Arial

47pt

黑体

28pt

反白

细黑体

draft-mccann-dmm-flatarch-00.txt

March 26, 2012


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:

FrutigerNext LT Regular

: Arial

20pt

):18pt

黑色

细黑体

Outline

Drawbacks of Existing Hierarchical Tunnel Solutions

Elements of a Flat Wireless Internet Service Provider

Mobility Management

Secure Binding of Assigned Address

Conclusions

Page 2


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Existing Practice: Hierarchical Tunnels

Page 3

eNB

eNB eNB

eNB

Internet

S-GW S-GW

P-GW

S1

S5/S8

Gi

Inefficient

Routing

Single Point

of Failure

Encapsulation

Overhead

Wireless-specific

router with

capex & opex

Many UEs will be stationary;

Most will be clients not servers

and don’t need a fixed address


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Typical Wireline Internet Service Provider

Page 4

Internet

Access

Aggregation

Core

Multiple redundant points

of connectivity to the Internet

Network appears as one

or more Autonomous Systems (AS)

to the peers in the Internet; runs BGP

AS100

Technology-specific Network

Access Servers facing customer

lines

Redundant aggregation routers act as

IBGP route reflectors for the access layer IBGP Peering Relationships

Shortcut link used in IGP (e.g., OSPF,

EIGRP, IS-IS) but NOT an IBGP peering


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Possible Future Wireless ISP

Page 5

BS

Internet Home DNS

Server(s)

Local Caching

Resolver(s) and

in-addr.arpa Server(s)

Access

Aggregation

Core

• Flat network of Base Stations

• Redundant upstream ISPs

• Redundant mesh of IP connectivity

• Not a strict hierarchy

• No single point of failure

• Blue routers are COTS

• (vanilla wireline routers)

BS

BS

BS


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Mobility Management in a Flat Network

Each BS owns a pool of addresses

Mobile nodes attach/authenticate, get an address

Upon attachment/authentication to new BS, send iBGP routing

update with NLRI set to the already-assigned address

All iBGP routers will set the new BS as the next hop

Punches a hole in the routing tables

Update is limited in scope if movement is within the same route reflector

cluster

Page 6


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

IBGP Routing Update

Page 7

1. UPDATE sent to parent

aggregation routers

3. UPDATE sent to core

routers 4. Core routers make BGP

policy decision and route

traffic on direct path to new

base station

2. UPDATE reflected

down to all access routers

in the same cluster

5. Traffic from old base

station may follow direct

routing path if available

BS

BS


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

IBGP from an HA

Page 8

BS

Internet Home DNS

Server(s)

Local Caching

Resolver(s) and

in-addr.arpa Server(s)

Access

Aggregation

Core

BS

BS

BS

Home Agent

MN that moved

out of local AS


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

BS BS

Alternative Solution: Dynamic HA in the AR

Page 9

Original Point of

Attachment

(IP assigned from

this local pool)

Current Point of

Attachment

1

2 3

Traffic Traverses

Backhaul 3 Times • Assign original BS as a dynamic HA

• Send a Registration Request or Binding

Update from the new point of attachment

• Inefficient if backhaul is expensive and

scarce

• Requires MN to send IP packets

at new BS


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Issues

How does new BS learn about the already-assigned address?

How does new BS guarantee the assignment is authentic?

Answer: DNS

Page 10


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

UE BS H-DNS L-DNS

Authentication

BS learns MN’s DNS

name & agrees on MSK

DHCP Address Assignment

Dynamic DNS Update

my-ue.example.com

192.0.2.3

Dynamic DNS Update

Mapping:

my-ue.example.com 192.0.2.3

A Target eNB checks this to discover IP address

Mapping:

3.2.0.192.in-addr.arpa my-ue.example.com

A Target eNB checks this to verify IP address

DNS storage of assigned address(es)


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

UE eNB/

L-GW

H-DNS L-DNS

Authentication

BS learns MN’s DNS

name & agrees on MSK DNS Lookup of my-ue.example.com

my-ue.example.com

DNS Lookup of 3.2.0.192.in-addr.arpa

Mapping:

my-ue.example.com 192.0.2.3

Mapping:

3.2.0.192.in-addr.arpa my-ue.example.com

DNS retrieval of assigned address(es) during handoff

iBGP Routing Update


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Authentication without RADIUS/Diameter

Round-trips to the home network add to latency of handover

Leverage DANE work putting public keys into DNS

Public keys can be cached

Re-run public key based authentication on every new attachment

Page 13


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Dynamic Re-Binding

During quiet periods, MN should re-run DHCP to get a new

address that is local to the current BS

MN must keep track of which connections are using which

addresses

Keep renewing the lease of used addresses (unicast DHCPREQUEST)

Remotely from current BS: the BS must add the Agent Remote ID

Garbage collect unused addresses & remove from Home DNS entry

Page 14


35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Data Point: BGP Pass-through Time

How fast does a BGP Update propagate through the network?

See “Measuring BGP Pass-Through Times” by Feldman, Kong,

Maennel, and Tudor

http://www.net.t-labs.tu-berlin.de/papers/FKMT-MBPT-04.pdf

Time for a BGP Update to be processed and resulting Updates to

be propagated (MRAI disabled):

Best case: 2.4 ms

Worst case: 400 ms

Variation due to 200ms polling interval in a particular BGP

implementation

Page 15











35pt

: R153 G0 B0

:


: Arial

32pt

: R153 G0 B0

黑体

22pt

) :18pt

黑色

:


: Arial

20pt

):18pt

黑色

细黑体

Conclusions

Existing tunnel hierarchies are inefficient and unnecessary

BGP is used in typical wireline ISP environments

BGP Updates can be used to handle mobility events

Must limit the time and scope of mobility for scalability

MNs can re-bind to new IP addresses during periods of inactivity

Performance studies needed

DNS names can be used as node identifiers

Leverage DNS as a mapping database to find current IP addresses

Leverage DANE for storage of public key material

Enhance authentication to remove AAA round-trips and eliminate

transport of symmetric secret key material

Page 16

-mccann dmm flatarch 00 - Internet Engineering Task Force · -mccann dmm flatarch 00.txt March 26, 2012 . HUAWEI TECHNOLOGIES CO., LTD. 35pt : R153 G0 B0 : FrutigerNext LT Medium

Documents