Portugal Telecom Inovação, S.A. / INESC Porto Admission Control in IP Multicast over Heterogeneous Access Networks Pedro Santos (PT Inovação) Pedro Santos (PT Inovação) António Pinto, Manuel Ricardo (INESC António Pinto, Manuel Ricardo (INESC Porto) Porto) Franscisco Fontes, Teresa Almeida (PT Franscisco Fontes, Teresa Almeida (PT Inovação) Inovação)
17
Embed
Admission Control in IP Multicast over Heterogeneous Access Networks
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Portugal Telecom Inovação, S.A. / INESC Porto
Admission Control in IP Multicast over Heterogeneous Access Networks
Pedro Santos (PT Inovação)Pedro Santos (PT Inovação)
António Pinto, Manuel Ricardo (INESC Porto)António Pinto, Manuel Ricardo (INESC Porto)
• IP Multicast Open architecture– Receivers are free to join any group– Sources are free to transmit to any groupMakes IP multicast-based commercial
services difficult to implement
• Solutions– End-to-end encryption of data streams– Control access to multicast sessions
22 Apr 2023 6NGMAST'08
Objectives• IP multicast streaming over heterogeneous access
networks– UMTS, xDSL, WiMAX
• Identify network nodes where to perform– access control– authorization– resource management
• Support for multicast sources– in the core network (known & authorized SP) – in the access network (user generated content)
• Authentication, authorization and record of multicast sessions
• Implement a prototype to validate the proposed solution
22 Apr 2023 7NGMAST'08
Reference Network Scenario
22 Apr 2023 8NGMAST'08
UMTS• GGSN Multicast router
• Native multicast support– Multimedia Broadcast/Multicast Service (MBMS)
• New functional element (BM-SC)• Inter-operable with IP Multicast (IGMP & IPv4 Class D)• Only for downstream traffic
– The reference point from the content provider to the BM-SC is not standardised by 3GPP in this release of the specification. “3GPP TS 23.246 v8.2.0”
22 Apr 2023 9NGMAST'08
xDSL
• BNG/BRAS Multicast router
• DSL-Forum TR-101 – Two Connection types– PPPoE
• Point-to-point connection CPE BNG• Packet replication done at the BNG Access control to multicast flows @ BNG
– IPoE• Every network element performs packet replication• L2 control over packet replication necessary at the DSLAM Access control to multicast flows @ BNG and DSLAM
22 Apr 2023 10NGMAST'08
WiMAX• ASN-GW Multicast router
• SS ASN-GW connection– Identified by a 16bit number (CID)– Upstream unicast connections (exclusively) – Downstream multicast connections possible (mCID) but...
• mCID are unidirectional in nature• not fitted for power-conservative systems• only efficient for large groups (nº of subscribed SSs)
Access control to multicast flows @ ASN-GW
22 Apr 2023 11NGMAST'08
Proposed Solution• User authentication
– Done at network attachment
• Access control done at the network access node– Members detection IGMP messages– Sources detection UDP multicast messages– Access Authorization AAA server– Policy Enforcement Access Control Lists (ACLs)
– IGMP message Group source address (GSA), group destination address (GDA)
22 Apr 2023 12NGMAST'08
Multicast Control - MSC
22 Apr 2023 13NGMAST'08
Prototype (Multicast Controller)
22 Apr 2023 14NGMAST'08
Results
• Multicast controller basic functionalities– authenticated user detection/verification– detection of multicast join/leave messages– detection of multicast source transmissions– multicast authorization checks– multicast traffic filtering (according to authZ checks)
• Successful functional validation– authorized/unauthorized group join request– multicast transmission to an authorized/unauthorized group– unauthorize a source/member after transmission/reception
has begun
• Processed up to 1250 IGMP requests/sec
22 Apr 2023 15NGMAST'08
Conclusions
• Multicast control done at access node– GGSN (UMTS)
– BNG or BNG & DSLAM (xDSL)
– ASN-GW (WiMAX)
• Application & Network agnostic– No changes needed to applications or network protocols
– Minimal user impact (only network elements are affected)
– Access control done at network layer
– ... L2 control may be required (If L2 packet replication)