149_09-29-11_IPv6-Mobile-CKN_v1_0[1]

Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 1Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 1

IPv6 in Mobile

Guillaume Gottardi - Consulting Systems EngineerPatrice Nivaggioli - Consulting Systems Engineer

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

• Introduction

• 3GPP Architecture readiness for IPv6 : Dual-Stack in UMTS

• 3GPP Architecture readiness for IPv6 : Dual-Stack in LTE

• IPv6 only endpoints ?

• Dual-Stack deployment scenarios

• IPv6 only deployment scenarios

• Conclusion

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 3© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 3

Introduction


Very brief summary

• Current Situation- Massive growth of number of

mobile data traffic and number of mobile end-points

- IPv4 run out: Most Operators started to deploy NA(P)T44 (on gateway or dedicated devices)

• Drivers for IPv6- Key: Off-load NAT44 Infrastructure- Provider-hosted IPv6 only services

(VoIP/IMS)- Sensor-Networks/Machine 2

Machine communication


• Top 10 devices generating 60% of total traffic (Cisco VNI 2010-2015)

• Android is catching fast iOS with iPhone for usage

• Device OS & installed Apps will have unique characteristics

• Radio Signaling overload, simultaneous updates

• Bandwidth hogging, concurrent flow, NAT pin holes

• Malware/DOS attacks


Where to Place the NAT Function?

PGWeNB

IPv4

private IPv4

IPv4Public

public IPv4

SGW

NAT44

PGWeNB

IPv4 IPv4

private IPv4 private IPv4

IPv4Public

public IPv4

CGN/CGv6SGW

NAT

NAT44

NAT

Option 1: NAT on Gateway (Distributed)

Option 2: NAT on Router (Centralized)

Key Benefits:• Subscriber aware NAT

- per subscriber control- per subscriber accounting

• Large Scale (further enhanced by distribution)

• Highly available(incl. geo-redundancy)

Key Benefits:• Integrated NAT for multiple

administrative domains(operational separation)

• Large Scale• Overlapping private IPv4

domains (e.g. w/ VPNs)


10.1.1.1

10.1.2.1

10.1.1.1

Overlapping private IPv4 addresses / Large Deployments

• Limited IPv4 life extension for large domains

Run-out of private IPv4 addresses (more than ~16M addresses needed)

• Approaches

Standalone CGN: Access tunnels extended to NAT44 (e.g. using MPLS VPN)

“Gateway-Initiated Dual Stack Lite” (draft-ietf-softwire-gateway-init-ds-lite-02)

Gateway-Integrated NAT w/ distributed local address pools

Per gateway RFC1918 address space

IP/MPLS

PENAT+

PEPrivate IPv4VRF #1

IPv4InternetPrivate IPv4

VRF #2

PE

10.1.1.1

10.1.1.1

10.1.1.1

Public IPv4

PE

IPv4Internet

PE

PE

NAT

NAT

NAT

Standalone CGN: GI-DS-lite concept NAT Integrated in Gateway


3GPP architecture readinessDual-stack in UMTS


SGSN GGSN

AAA/HLR

GPRS/UMTS

• PDP Contexts / BearerIPv4 only: UE – GGSN link is “IPv4 only”IPv6 only: UE – GGSN link is “IPv6 only”IPv4v6 (>= Rel. 9): UE – GGSN link transports IPv4 and IPv6 (and has /64 prefix and IPv4 address configured)

InternetBTS

NodeB

GERAN(2.5G)

UTRAN(3G)

GbGi

Iu

GcGr

Gn/Gp

PDP Context


PCRF/AAA/DHCP

GGSNSGSN

IPv4-Public

IPv6-Public

• IPv6 impacts handsets, SGSN, GGSN, DNS, AAA, Policy Server, Billing, Gi-nodes/VAS platforms, OSS/BSS

• IPv6 and Dual Stack are well supported by 3GPP Standards

• 3G Pre-release 9 infrastructure requires PDP context per IP-Stack

• It doesn‘t solve the IPv4 exhaustion issue as IPv4 address is assigned to the handset

• It allows offload IPv4 infrastructure (NAT) to native off-net IPv6 services (Youtube...) and on-net (IMS/RCS...)

Deployment examples:

• IPv6 as default for IMS, Youtube,iTunes, Google…• IPv4 as default for IPv4 internet• IPv4 as fallback for roamingroaming

NodeBRNC


PCRF/AAA/DHCP

GGSNSGSN

IPv4-Public

IPv6-Public

• 3GPP R9 lifts the dedicated PdP context per stack restriction, and introduces the IPv4v6 PdP context supports

• Optimized design which requires less ressources and signalling as for dedicated stack case

• Considerations to request an IPv4 address on-demand ((e.g., when an application binds to an IPv4 socket interface)

NodeBRNC

Deployment examples:

• IPv6 as default for IMS, Youtube,iTunes, Google…• IPv4 as default for IPv4 internet• IPv4 as fallback for roamingroaming


Create PDP Context Reply(UE IP-address,

Protocol config options (e.g. DNS-server list,…),

cause)

AAA DHCPGGSNSGSNAttach Request

Attach Accept

Router Solicitation

Router Advertisement

UE

DHCPv6 – Information Request

DHCPv6 PDOption 3

DHCPv6 – Reply

DHCPv6 – Relay Forward

DHCPv6 – Relay ReplyDHCPv6 – Reply DHCPv6 – Relay Reply

Prefix RetrievalOption 2

Option 1 /64 prefix allocation from local pool

SLAAC

Prefix communicated to SGSN

empty UE IP-address for dynamic allocation

/64 prefix allocation:3 Options: Local Pool, AAA, DHCP

Create PDP Context Request(APN, QoS, PDP-type=IPv6,…)

Select GGSN for given APN


Design Considerations

Charging Gateway

Data

SGSNGa (GTP’) Ga (GTP’)

GnGn/Gp (GTP)

InternetDMZ

Core Network

Billing System

Ga (GTP’) IXC

Roaming partners

GRX

RNCNodeBFemto HNB

RAN

RADIUSDNS

DPI

GGSN

Policy

NAT

WAP

Signaling

Content providers

IMS Core

DHCP

QSElement Design consideration (If IPv6 is used for internet & internal Apps) Impact

eNodeB Radio layer. Can use IPv4 backhaul No

RNC Iu-CS/Iu-PS can use IPv4 backhaul No

SGSN Initiate mobile APN query & authentication Yes

HLR/HSS IPv6 capable Yes

GGSN IPv6 PDP, standards IPv6 features, prefix allocation Yes

Billing Mediation and processing of IPv6 CDR Yes

DPI, Quote Server Pre-paid implementation, IPv6 parsing & CDR capability Yes

WAP, Data Accelerator IPv6 packet compressions, cache capability Yes

Firewalls IPv6 rules capability, performance Yes

DNS IPv6 DNS capability Yes


3GPP architecture readinessDual-stack in LTE


3GPP 23.401/23.402

E-UTRAN

PCRF

S11(GTP-C)

S1-U(GTP-U)

S2b(PMIPv6,

GRE)

S5 (PMIPv6, GRE)

S6a(DIAMETER)

S1-MME(S1-AP)

GERAN

S4 (GTP-C, GTP-U)UTRAN

S3(GTP-C)

S12 (GTP-U)

S10(GTP-C)

S5 (GTP-C, GTP-U)

Gx(Gx+)

Gxb(Gx+)

SWx (DIAMETER)

Note: Protocol choice analysis in TR 29.803

SWn (TBD)

S6b(DIAMETER)

SWm(DIAMETER)

SGi

SWa (TBD)

Gxa(Gx+)

Rx+

UE

S2a(PMIPv6, GREMIPv4 FACoA)

Trusted Non-3GPPIP Access Untrusted Non-3GPP

IP Access

STa (RADIUS, DIAMETER)

SWu (IKEv2, MOBIKE, IPSec)

Operator’s IP ServicesPDN-GW

S-GWeNB

MME

SGSN

x-CSCF

ePDG

HSS

3GPPAAA

Gxc(Gx+)


IPv6 Deployment Domains

• Enable IPv6 customer applicationsIPv6 for user plane interfaces

IPv6 related attributes for control plane interfaces

IPv6 related attributes for policy/charging/control interfaces

Note: Protocol choice analysis in TR 29.803

Enable IPv6 transportIPv6 Home-PLMNIPv6 Visted-PLMNIPv6 Interconnect-PLMN

Initial Deployment Objective / Driver1 2


• IPv4 only bearerThe link is “IPv4 only”: One IPv4 Address

• IPv6 only bearerThe link is “IPv6 only”: One /64 prefix per bearer; One IPv6 Address on UE

• IPv4v6 bearer (since Rel-8)The link is “dual-stack”: The bearer is configured with both IPv4 address and one /64 prefix.v4v6 bearer type is the default in Rel-8 and beyondIf v4v6 bearer establishment fails and only a single stack bearer is enabled for UE, UE “should” try to establish separate PDN connection for missing stack

Dual Stackresults in 2EPC Bearers(i.e. two interfaceson PGW);Can be supportedwithin the same APN

Dual Stackresults in 1EPC Bearers(i.e. one interfaceon PGW)


• IPv4 Address Configuration: 2 MethodsWithin EPS bearer setup signaling (typical)DHCPv4 (DHCP optional on UE and PGW)

• IPv6 Address Configuration: 1 MethodStateless Address Autoconfiguration after the bearer setup/64 prefix for the UE-PGN connection


Create Session Request(APN, QoS,

PDN-type=IPv6,…)Create Session Request

(APN, QoS, PDN-type=IPv6,…)

Create Session Reply(UE IP-address,

Protocol config options (e.g. DNS-server list,…),

cause)

Create Session Reply(UE IP-address,

Protocol config options, ´cause)

AAA DHCPPGWSGWMMEAttach Request

Attach Accept

Router Solicitation

Router Advertisement

UE

DHCPv6 – Information Request

DHCPv6 PDOption 3

DHCPv6 – Reply

DHCPv6 – Relay Forward

DHCPv6 – Relay ReplyDHCPv6 – Reply DHCPv6 – Relay Reply

Prefix RetrievalOption 2

Option 1 /64 prefix allocation from local pool

SLAAC

Prefix communicated to SGW/MME

empty UE IP-address for dynamic allocation

/64 prefix allocation:3 Options: Local Pool, AAA, DHCP


Gateway Focused

• IPv6 PDP Context support

• Protocols/EncapsulationGTP-U (v6 over v4/v6)

IPsec (incl. IPsec for GTP-C/GTP-U)

• AddressingICMPv6, ND, SLAAC, Stateless-DHCPv6

Prefix allocation w/ priotity from

Local-pool, Radius, DHCP

Mobile-specific parameterization (29.061, clause 11.2.1.3.4)

• Control Protocolsv6 AVPs in Gx, Gy, Rf

v6 AVPs/VSAs for S6b

v6 IE in GTP‘

v6 IE in GTP-C

v6 LI – SNMP, UDP, FTP

• Session ServicesPer APN & interface redirect, ...

• Security

Control ProtocolsGx, Gy, Rf over v6S6b over v6GTP‘ over v6GTP-C over v6SNMPv6, FTPv6, UDP for LISNMPv6

Enab

le IP

v6 c

usto

mer

app

licat

ions

Enab

le IP

v6 T

rans

port

for A

cces

s N

etw

ork IPv6 routing/forwarding infrastructure

IPv4/v6 concurrent support on interfaces

IPv6 IGPs

IPv6 VPN – 6PE/6vPE

Security


Towards Prefix Delegation

/60

/60

/60

PC/Web

Sensors;Surveillance

Entertainment;Video/TV/Voice

ServiceProviderNetwork

• Deployment Scenarios• In-home routing to separate different classes

of devices (and allow for different security settings etc.)

• Fixed-LTE to attach multi-party homes• Multi-Technology Mobile Station

Mobile-Station (“Mobile Access Router”) supports multiple client accesstechnologies: Fixed-Ethernet, WiFi, BluetoothDedicated network / prefix for each mobile access technology

• Approach• DHCPv6 Prefix Delegation added to 3GPP Architecture• Follows draft-ietf-v6ops-ipv6-cpe-router

/64

/64

/64

/56


Notes on Solution for Rel-10

Single Prefix per PDN Connection / PDP Context- Prefixes delegated to the UE are portions of this single prefix

- /64 default prefix also aggregates into the single prefix

Prefix Allocation as part of PDN Connection setup- Local Pool or AAA

PDN-GWDelegating

Router

IPv6UE

RequestingRouter

IPv6Host

IPv6Host

IPv6Host

IPv6Host

IPv6 Bearer

/64

/60

/64

/64

Prefix Delegation

subnet

subnet

/56 Route announced


IPv6 Only Endpoints ?


• IPv6 only as a default serviceSimplify operations, optimize resource usageIPv4 kept as a backup service in case IPv6 not available (eg roaming)

• Still, bridging the IPv6 only islands with Public IPv4 resources is a must

NAT64

PGWeNB

IPv6

public IPv4

CGN/CGv6

SGW

NAT

IPv6

IPv4Public

IPv6IPv4

IPv4

IPv6

Access Network:- native IPv4 and/or- native IPv6- v6 tunneling options, e.g.

6PE apply as well

Core Network:- native IPv6- v6 tunneling options, e.g.

6PE, Softwires

IPv6 user plane with3GPP defined tunneling:- GTP- PMIP/GRE- IPsec


IPv6Internet

IPv4Internet

IPv4Network

IPv6Network

IPv6Internet

IPv4Internet

1.

2.

3.

4.

5.

6.

stateful stateless

Not viable because toofew IPv4 addresses

IPv4Network

IPv4Network

IPv4Network

IPv6Network

IPv6Network

IPv6Network


Stateless StatefulState creation Flow does NOT create any state in

the translator, algorithmic operation performed on packet headers

Each flow creates state in the translator. amount of state based on O(# of translations)

Address Savings 1:1 mappings (one IPv4 address used for each translation to an IPv6 host), no IPv4 address savings

N:1 mappings (like NAPT with NAT44), save IPv4 addresses

Address Space IPv6 systems must have “IPv4-translatable addresses” (RFC6052)

IPv6 systems may use any IPv6 addresses


Radio Cellular Chipset

Handset OS

App App App

App App App

App App App Support for IPv6 residesin 3 different areas:- Applications- OS- Cellular interface


Slide courtesy of Jari Akko (presented at Technical Plenary, IETF 79)


BIH function makes the needed “Bump-in-the-API (BIA)”and the “Bump-in-the-Stack (BIS)” changes

(Socket API Translator):Ext. Name resolver, Address mapper,

function mapper

IPv4 ApplicationSocket API (IPv4)

IPv4 ApplicationHost’s main DNS resolver

TCP/UDP over IPv4

TCP/UDP over IPv6

Protocol Translator

Interface Driver

TCP/UDP ovr IPv6

BIA BIS

PGWIPv6

‘CNAT‘ IPv6

IPv4IPv6 Network Stack

IPv4 Network Stack

IPv4 Application

IPv6 transportBIH

Etx. Name resolver

Interface Driver


Option for IPv6 introduction:IPv4/IPv6 Dual-stack UE


IPv4 Internet

• IPv6 address allocated to UE via SLAAC/GGSN-PGW, IPv4 address allocated at PdP-context / bearer setup

• Mobile Gateway performs Inline Services, Header Insertion can be used for user identity propagation

• GGSN-PGW provides IPv4 – MSISDN and IPv6 – MSISDN correlation via RADIUS/DIAMETER to LI and Service Platforms

• No NAT involved, except in case of Private IPv4 where NAT44 is required

Dual StackEndpoint

Incoming Responses: “AAAA” and/or “A” Records“AAAA” and/or “A” Records Outgoing Responses: “AAAA” and/or “A” Records

IPv6 address andIPv4 address

DNS

IPv6 Internetand Services

GGSNP-GW

Lawful InterceptionGi Services

IPv4 & IPv6Inline Services(DPI, Steering, H-insertion…)

IPv4 Gi Services

NAT44

RADIUS (MSISDN, IPv4)

(MSISDN, IPv6)


Option for IPv6 introduction:IPv6 Only UE


IPv4 Internet

• IPv6 address allocated to UE via SLAAC/GGSN-PGW

• GGSN-PGW provides IPv6 – MSISDN correlation via RADIUS/DIAMETER to LI

• Stateful NAT64 provides IPv6 – IPv4 – Ports correlation via RADIUS/DIAMETER/NETFLOW to LI

• DNS64/NAT64 synthesizes destination/target IPv4 addresses in AAAA records

IPv6-OnlyEndpoint

Incoming Responses: “A” Records with IPv4 address“AAAA” Records with synthesized Address: PREFIX:IPv4 Portion:(SUFFIX)

Outgoing Responses: “A” Records with IPv4 NAT64 CGN address

IPv6 address

StatefulNAT64

AFT

DNS64


GGSNP-GW

Lawful InterceptionRADIUS

(MSISDN, IPv6)RADIUS

(IPv6, IPv4, Ports)


IPv4 Internet


• Stateful NAT64 is performed on the Mobile Gateway

• GGSN-PGW provides IPv4, Ports – MSISDN correlation via RADIUS/DIAMETER


IPv6-OnlyEndpoint


Outgoing Responses: “A” Records with IPv4 NAT64 GW address

IPv6 address

StatefulNAT64

AFT

DNS64


GGSNP-GW

RADIUS (MSISDN, IPv4, Ports)

Lawful Interception


IPv4 Internet


• GGSN-PGW provides IPv6 – MSISDN correlation via RADIUS/DIAMETER

• Stateful NAT64 provides IPv6 – IPv4 – Ports correlation via RADIUS/DIAMETER/NETFLOW


• NAT44 is used to translate private to public source IPv4 addresses (if private IP address is used on Stateful NAT64)

IPv6-OnlyEndpoint


Outgoing Responses: “A” Records with IPv4 NAT64 CGN Address

IPv6 address

StatefulNAT64

AFT

IPv4-Only Service Platforms

NAT44

DNS64


GGSNP-GW

LI & Gi ServicesRADIUS

(MSISDN, IPv6)RADIUS

(IPv6, IPv4, Ports)


IPv4 Internetand IPv4 Gi Services


• Stateful NAT64 is performed on the Mobile Gateway

• Mobile Gateway performs Inline Services, Header Insertion can be used for user identity propagation

• GGSN-PGW provides IPv4, Ports – MSISDN correlation via RADIUS/DIAMETER to LI and Service Platforms


IPv6-OnlyEndpoint


Outgoing Responses: “A” Records with IPv4 NAT64 GW Address

IPv6 address

StatefulNAT64

AFT

DNS64


GGSNP-GW

RADIUS (MSISDN, IPv4, Ports)

LI & Gi Services

IPv4 & IPv6Inline Services(DPI, Steering, H-insertion…)


Conclusion


UE: Dual-Stack or Single-Stack IPv6 ?• Historically, “Dual-Stack” (with NAPT44) used to be the typical answer in response to the

“what is your migration strategy?” question

• Several 4G/LTE networks (will) start with DS UE offering4G/LTE allows for single v4v6 bearer right from the start

DS handset offerings still (very) limited

• Dual-Stack challenges3G: < Rel. 9: 2 PDP contexts needed dual stack (cost and scalability concern)

Current OS-behavior (preferences, stack-selection)

Often BSS/OSS/PCC infrastructure uses the IP-address/prefix to identify the subscriber: There can only be one address/prefix… not two…

Operational overhead to operate two networks (routing, addressing, etc.)

• Multiple SPs re-consider their strategy and consider IPv6-only UE connectivity(along with stateful NAT64)

“v6 only service” offering – options considered

“simple service”: v6-only phones – “not so smart phones”

“advanced service”: v6/v4 phones with v6-only connectivity – will require BIH/NAT46 on handset(there are still a lot of IPv4 only applications out there…)


• Dual-Stack Transport NetworksSeveral Providers start to consider IPv6 in the IP RAN (for LTE), DS Core (6PE based)

• NA(P)T44 DeploymentNAT on Gateway or Router/Standalone device: Both options consideredPrivate IPv4 run out: Regionalization or GI-DS-liteNAT-Standalone deployments:How to select the appropriate NAT device?

• IPv6 only deployments and NAT64DNS64 deployment: Standalone or bundled/integrated w/ router?BIH, dIVI an option for Mobile?

• Evolution of deployment models4G/LTE deployment models sometimes similar to classic broadband

Increasing interest in “Mobile-Router” models with IPv6 prefix delegation to UE

Increasing demand for static IPv6-prefixes on UEs?

Thank you.

149_09-29-11_IPv6-Mobile-CKN_v1_0[1]

Documents