INTERNET DRAFT                                       Carey B. Becker
Category: Informational                              Basavaraj Patil
Title: <draft-becker-mobileip-ipm-arch-00.txt>       Emad Qaddoura
Date: October 1999                                   Nortel Networks

                  IP Mobility Architecture Framework
Status of this Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet-Drafts
as reference material or to cite them other than as "work in
progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
Today, the wireless network arena is made up of different types of
access (TDMA, CDMA, GSM, etc) and core network technologies (IS-41
and MAP over SS7, etc). The heterogeneous nature of today's
wireless and wireline packet data networks limits the scope of
mobility between these heterogeneous networks. However, as these
heterogeneous networks evolve, the mobility management provided by
them must evolve to ensure seamless roaming between the networks.
With the convergence of voice and data, networks of the future will
be built on IP packet switched technology, mostly due to inherent
Becker, Patil, Qaddoura Expires April, 2000 [Page 1]
Internet-Draft IP Mobility Architecture Framework October, 1999
advantages offered by the technology.
This document identifies several drivers that provide input for an
IP Mobility based network and also describes a high level IP
Mobility architecture that extends the current third generation
IMT2000 wireless architecture and builds on Mobile IP concepts.
Table Of Contents
1 Introduction............................................2
2 IP Mobility Architecture................................4
2.1 Network Reference Model...............................6
2.2 Home Network..........................................6
2.2.1 Home Network Mobility Components....................7
2.3 Foreign Network.......................................9
2.3.1 Foreign Network Mobility Components................10
2.4 Access Network.......................................11
2.5 IP Network...........................................11
2.6 Mobile Nodes.........................................11
2.7 User Identification..................................12
3 Conclusion.............................................12
4 Acknowledgements.......................................12
5 References.............................................13
6 Authors' Addresses.....................................14
1. Introduction
User mobility is an integral part of today's and future wireless
and wireline packet data networks. Today, the wireless network
arena is made up of different types of access (TDMA, CDMA, GSM,
802.11, etc) and core network technologies (IS-41 and MAP over SS7,
etc.). The heterogeneous nature of today's wireless and wireline
packet data networks limits the scope of mobility between these
heterogeneous networks. However, as these heterogeneous networks
evolve, the mobility management provided by them must evolve to
ensure seamless roaming between the networks.
With the convergence of voice networks and data networks, networks
of the future will be built on IP packet switched technology,
mostly due to inherent advantages offered by the technology (the
details of which are beyond the scope of this document). The change
from the current SS7 based wireless networks to IP centric wireless
networks is already happening. In the very near future, mobile
devices that support IP stacks will also proliferate.
The combination of these two concepts, the networks moving to IP
packet switched technology and the evolution of mobility management
to ensure seamless roaming, defines what we call IP Mobility. There
are several drivers that are paving the way for defining an
architecture that is IP Mobility enabled. Some of these are:
1. The network should allow for seamless roaming between
heterogeneous wireless and wireline networks.
2. The network infrastructure should be access independent.
As our wireless networks evolve, it will remain a fact of life
that we will need to support multiple types of wireless
accesses, e.g., CDMA, TDMA, etc. Users should be able to roam
between these different access types via a mobile device that
supports access specific interface cards which provide the
appropriate 'layer 2' access. However, the current networking
protocols that perform the mobility management functions
specific to the heterogeneous technologies can evolve into a
single protocol.
3. Mobility needs to be based on the users, not the device used
by the user.
GSM already supports the concept of mobility being based on a
user via the International Mobile Subscriber Identity (IMSI),
although the IMSI is not known by the user. In North American
Cellular systems, e.g., TDMA, CDMA, etc, a user is identified
via a Mobile Identification Number (MIN) that is specific to
the mobile device. This association needs to be separated.
Also, both of these concepts are based on users being assigned
'telephony' user IDs, which are solely based on digits. User
IDs should not be restricted to digit only identifiers or
restricted to the realm of telephony IDs.
4. A roaming user should only need a single subscription to
access a home network.
Within the scope of the packet data services being defined for
CDMA systems, a user must have a subscription with a cellular
provider to gain access to the cellular network. After the user
is authenticated, the user's mobile device is put on a traffic
channel so that the user's Mobile IP subscription can be
authenticated with the user's home network. The multiple
subscriptions translate to multiple unwanted registrations and
a waste of radio resources for the second registration.
5. The network should support the removal of triangle routes
within the network.
Triangle routes (which contain a routing anchor point) can be
established at two points: 1) at the home network as defined
in Mobile IP [2], and 2) at the foreign network as proposed in
[4] and [5]. The network needs to support a mechanism, similar
to what is defined in [6], which can alleviate the problems
associated with anchor points. The network also needs to
support policies that allow or disallow triangle routes, e.g.,
a policy that wants to hide knowledge of where the user is
located.
6. Service providers would like to deploy the same network
infrastructure in both their wireline and wireless networks.
One of the major business drivers is to gain economies of
scale from deploying the same network infrastructure, e.g.,
network operation, services platforms, etc., within the service
provider's networks, independent of the access networks.
However, mechanisms should be provided that allow the networks
to be optimized for the type of access network.
None of the current packet data technologies, GPRS, Mobile IP and
CDPD, support all the concepts depicted in the above drivers. An
architecture must be defined that can provide the functions that
ensure true seamless roaming within a mobility enabled IP network.
2. IP Mobility Architecture
To be able to achieve a mobility enabled IP network that satisfies
the drivers stated in the previous section, an enhanced
architecture needs to be defined that extends the current third
generation IMT2000 wireless architecture and mobile IP. This
section defines such an architecture.
The intent of defining this architecture is to propose a strategy
and a framework for next generation networks that are mobility
enabled. The transition strategies required by the packet data
technologies to evolve to this architecture are outside the scope
of this document. However, it is an important item that should be
addressed as part of the work group discussions.
The architecture described in this draft is not complete but is
intended to provide a starting point for further enhancements and
development. It does not include some necessary concepts; one
example being brokers/proxies as described in [7] and [8]. However,
it does contain a substantial subset of what is needed to provide
mobility within IP networks.
2.1. Network Reference Model
The following figure depicts the logical view of the proposed
network architecture.
+----------------------------------------------------------+
| +-----+  +------+  +-----------+  +----------------+     |
| | DNS |  | DHCP |  | Unified   |  | Authentication |     |
| +-----+  +------+  | Directory |  | Server         |     |
|                    +-----------+  +----------------+     |
|                                                          | Home
| +------------+  +----------+  +------+                   | Network
| | Mobility   |  | Security |  | AAA+ |                   |
| | Mgmt (HA+) |  | Gateway  |  +------+                   |
| +------------+  +----------+                             |
+----------------------------------------------------------+
                 |          |  IP network
                 |          |
+----------------------------------------------------------+
| +------------+  +----------+  +------+  +------+         |
| | Mobility   |  | Security |  | AAA+ |  | DHCP |         | Foreign
| | Mgmt (FA+) |  | Gateway  |  +------+  +------+         | Network
| +------------+  +----------+                             |
+----------------------------------------------------------+
                            ||
                            ||
+----------------------------------------------------------+
| +----------+  +-----------+         +-----------+        |
| | Location |  | Cell Site | . . .   | Cell Site |        | Access
| | Tracking |  +-----------+         +-----------+        | Network
| +----------+                                             |
+----------------------------------------------------------+

              Figure 1: Network Reference Model
The following sections describe the functionality of the components
of the network reference model.
2.2. Home Network
The Home Network is very similar in concept to the home network
defined in [2] and the home network defined in the wireless
networks. Basically, the Home network is a combination of the two
with some extensions.
Some of the relevant functions of the Home Network as they relate
to mobility are:
* It is the home network that 'owns' the mobile user's
subscription.
* Maintains the mobile user's subscription and associated
subscriber profile.
* Provides mobility to subscribers on a 'larger' scale. It is
responsible for maintaining the current location of the mobile
user.
* Allocation of mobile node IP addresses
* Supports a 'unified' directory for subscriber profiles
independent of the access network type.
* Stores policies and profiles associated with mobile users.
* Provides Authorization functions associated with the mobile
user.
* May provide the Authentication functions required to
authenticate the mobile user.
* Support Service Level Agreements (SLA) with all Foreign
Networks it wants its users to roam in.
* Support a policy that allows 'hiding' the user's location.
This policy will mandate that the home network be an anchor
point for datagrams sent to its users while they are roaming.
2.2.1. Home Network Mobility Components
The following describes some functions associated with the
components of the Home network.
* Mobility Management (MM)
Mobility management is comprised of two high level concepts,
1) mobile user location tracking and 2) performing routing
update functions for mobile nodes. These functions are very
similar to what Home Agents do in [2] and what Home Location
Registers do in wireless networks, with some enhancements. The
location tracking function of the MM expects to receive a
single mobile user registration message from the foreign
networks that is independent of the access network used at the
foreign network. This is true for all messages sent from the
foreign networks to the home networks. The architecture
supports the concept of a centralized location tracking
function for the home network. However, the architecture does
not preclude the idea of having a distributed location
tracking function.
* AAA+
The protocol used to send messages between a foreign network
and a home network is the AAA protocol, with extensions to
support mobility management (hence AAA+). Another important
concept used within the AAA+ framework is that a single
security association exists between the AAA+ servers of a
foreign network and a home network. This single security
association can be used to alleviate the need for security
associations between mobile IP FA and HA components and for
dynamic session key establishment as suggested in [2] and
[4]. The AAA+ protocol and server may also interface with the
mobility agents in the network in order to assist in the
generation and transfer of the session keys used by the mobile
node and the network components in the serving and home
networks for encryption and privacy, as suggested in [10]. It
is suggested that the security framework be based on IPSec, as
proposed in [11].
* Authentication Server
The authentication server is a combination of certificate
authority, key management system, and digital signature
verification server. The authentication server receives
roaming mobile user authentication requests via the AAA+ and
authenticates the user.
* Unified Directory
The Unified Directory is the database that contains all the
home user's subscriber profiles, network policies, and any
other data that needs to be stored at the Home Network. The
subscriber profiles in the directory are independent of the
access network association. Access to data in the Unified
Directory from other components within the network is via a
single protocol, LDAP.
* DHCP
In the Home Network, the DHCP server may be used to assign IP
addresses to roaming mobile stations that do not have a
permanently configured IP.
* DNS
In the home network, Dynamic DNS is the protocol used to
update DNS with a roaming user's mobile node allocated IP
address. If the home network is responsible for allocating the
IP address, DNS is updated by DHCP. If the foreign network is
responsible for allocating the IP address, the home network
mobility manager will update DNS.
* Security gateway
The security gateway performs all the necessary 'firewall'
functions.
2.3. Foreign Network
The Foreign Network is very similar in concept to the foreign
network defined in [2] and the foreign network defined in the
wireless networks. Basically, the Foreign Network is a combination
of the two with some extensions.
Some of the relevant functions of the Foreign Network as they
relate to mobility are:
* It is the serving area network for one or more access
networks.
* It can support multiple Access Networks (AN), where each AN is
associated with a different technology, e.g. one AN may be a
CDMA RAN, another AN may be GSM RAN.
* Provides mobility management for mobility within the access
networks that it serves.
* Provides local services.
* Routes data to the mobile user via the access link that the
mobile node is currently attached to.
* Routes data that is sent by the mobile user.
* Allocates IP address to be used by the mobile nodes if allowed
by policy.
* Support for the establishment of Service Level Agreements
(SLA) with all Home Networks that want to allow their user to
roam within the foreign network.
* Support for user authentication to be provided at the
foreign network after the user initially registers.
2.3.1. Foreign Network Mobility Components
The following describes some functions associated with the
components of the Foreign Network.
* Mobility Management (MM)
The Foreign Network's mobility management comprises three
high level concepts: mobile user location tracking within the
foreign network, handoffs between foreign networks, and
performing routing update functions for datagram delivery to
the access network/mobile node. These functions are very
similar to what Foreign Agents do in [2], with some
enhancements. The location tracking function of the MM expects
to receive the same formatted mobile user registration message
from each of the heterogeneous access networks. The
architecture supports the concept of a centralized location
tracking function within the foreign network. However, the
architecture does not preclude the idea of having a
distributed location tracking function.
* AAA+
The protocol used to send messages between a foreign network
and a home network is the AAA protocol, with extensions to
support mobility management (hence AAA+). Another important
concept used within the AAA+ framework is that a single
security association exists between the AAA+ servers of a
foreign network and a home network. This single security
association can be used to alleviate the need for security
associations between mobile IP FA and HA components and for
dynamic session key establishment. It is suggested that the
security framework be based on IPSec.
* DHCP
In the Foreign Network, the DHCP server may be used to 1)
assign co-located care of addresses to private network mobile
nodes and 2) if policies indicate, assign IP addresses to
roaming mobile stations that do not have a permanently
configured IP.
* Security Gateway
The security gateway performs all the necessary 'firewall'
functions. It supports ESP IPSec security associations with
other network security gateways.
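The registration path through the AAA+ components of sections 2.2.1 and 2.3.1, as an added worked example (Python; not code from this draft or from Nortel): the foreign AAA+ routes on the realm of the NAI (section 2.7) and protects the forwarded registration under the single inter-network security association, and the home AAA+ checks that association, then the subscriber's own authenticator against the Unified Directory, then freshness, before Mobility Management updates the care-of binding. The HMAC authenticators, key names, timestamp window and sample subscriber are constructed assumptions; the draft does not specify message formats.

```python
import hashlib
import hmac

# Constructed sample configuration (not from the draft): one foreign network
# holding an SLA, hence one AAA+ security association, with one home realm.
# Subscribers are keyed by NAI (section 2.7), never by MIN or IMSI.
INTER_NETWORK_SA = {"home.example": b"single-sa-key-foreign-to-home"}
UNIFIED_DIRECTORY = {"alice@home.example": {"mn_key": b"alice-long-term-secret"}}
BINDINGS = {}      # home Mobility Management: NAI -> current care-of address
LAST_TS = {}       # newest accepted registration timestamp per NAI (replay check)
MAX_SKEW = 7       # seconds of clock skew the home AAA+ tolerates (assumption)

def mac(key, *fields):
    return hmac.new(key, "|".join(fields).encode(), hashlib.sha256).hexdigest()

def parse_nai(nai):
    """Split an RFC 2486 NAI into user and realm; the realm selects the home AAA+."""
    user, sep, realm = nai.partition("@")
    if not sep or not user or not realm or any(c.isspace() for c in nai):
        raise ValueError("malformed NAI: %r" % nai)
    return user, realm.lower()

def mn_register(nai, coa, ts, mn_key):
    """One registration message, identical whatever the access technology (2.2.1)."""
    return {"nai": nai, "coa": coa, "ts": str(ts),
            "mn_auth": mac(mn_key, nai, coa, str(ts))}

def foreign_aaa_forward(reg, now):
    """Foreign AAA+: route on the realm, protect the message with the single SA.
    No FA<->HA key is needed; only the SA with the subscriber's home realm."""
    try:
        _, realm = parse_nai(reg["nai"])
    except ValueError as err:
        return {"result": "reject", "reason": str(err)}
    sa_key = INTER_NETWORK_SA.get(realm)
    if sa_key is None:
        return {"result": "reject", "reason": "no SLA with realm " + realm}
    env = dict(reg, realm=realm)
    env["sa_auth"] = mac(sa_key, reg["nai"], reg["coa"], reg["ts"], reg["mn_auth"])
    return home_aaa_handle(env, now)

def home_aaa_handle(env, now):
    """Home AAA+: verify the SLA partner, then the subscriber, then freshness;
    only then does Mobility Management update the location binding."""
    sa_key = INTER_NETWORK_SA.get(env["realm"], b"")
    expect = mac(sa_key, env["nai"], env["coa"], env["ts"], env["mn_auth"])
    if not sa_key or not hmac.compare_digest(env["sa_auth"], expect):
        return {"result": "reject", "reason": "bad inter-network authenticator"}
    profile = UNIFIED_DIRECTORY.get(env["nai"])        # lookup by user, not device
    if profile is None:
        return {"result": "reject", "reason": "unknown subscriber"}
    expect = mac(profile["mn_key"], env["nai"], env["coa"], env["ts"])
    if not hmac.compare_digest(env["mn_auth"], expect):
        return {"result": "reject", "reason": "bad subscriber authenticator"}
    ts = int(env["ts"])
    if abs(now - ts) > MAX_SKEW or ts <= LAST_TS.get(env["nai"], -1):
        return {"result": "reject", "reason": "stale or replayed registration"}
    LAST_TS[env["nai"]] = ts
    BINDINGS[env["nai"]] = env["coa"]                  # MM routing update
    return {"result": "accept", "nai": env["nai"], "coa": env["coa"],
            "sa_auth": mac(sa_key, "accept", env["nai"], env["coa"], env["ts"])}
```

Note that the foreign network holds exactly one key per home realm it has an SLA with, whatever the number of FA and HA instances on either side.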
2.4. Access Network
The Access Network defines the 'layer 2' access technology used by
a user to gain access to a Foreign Network. The access network can
be one of several types:
* North American Cellular and GSM radio access networks (and
their evolution to 3rd generation)
* 802.11 wireless LAN access
* 802.3 wireline LAN access
* Dial-up network access
Figure 1 above only depicts an access network associated with a
wireless network.
2.5. IP Network
The IP network provides the routing of datagrams between Home
Networks and Foreign Networks. The IP network can be the public
Internet or a closed network such as those defined in IMT2000
standards.
2.6. Mobile Nodes
It can be argued that all nodes in the future will be mobile, or at
least have the potential to be mobile. Stationary nodes, generally
called correspondent nodes in [2], will only have to be equipped
with the appropriate access specific PC card(s) and software that
can perform the network registration functions.
The mobile node's interface (I/F) cards provide the 'layer 2'
interface to the specific access network. For each of the access
network types, there is a layer 2 address associated with the I/F
card so the access network and mobile node are able to uniquely
address each other. Mobile node software will need to determine
when and which access networks are available and perform the
appropriate registration functions.
Both types of nodes will have to support tunneling, e.g., IP in IP
encapsulation [9], to a roaming mobile node's care-of addresses.
This will help alleviate the triangle routing (anchor points)
issue.
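The IP in IP encapsulation [9] that section 2.6 requires of both correspondent and mobile nodes, as an added example (Python; not from the draft): the sending node wraps the datagram in an outer IPv4 header addressed to the care-of address, so it is routed there directly instead of through the home anchor point, and the receiving side validates the outer header before it delivers anything. Addresses are constructed, and minimal 20-byte headers without options are an assumption.

```python
import socket
import struct

IPPROTO_IPIP = 4            # protocol number for IP in IP (RFC 1853 / RFC 2003)
HDR_FMT = "!BBHHHBBH4s4s"   # minimal 20-byte IPv4 header, no options (assumption)

def ip_checksum(hdr):
    """One's-complement sum of 16-bit words; returns 0 when run over a header
    whose checksum field is already correct."""
    if len(hdr) % 2:
        hdr += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def ipv4_header(src, dst, proto, payload_len, ttl=64, ident=0):
    """Build a minimal IPv4 header with a correct header checksum."""
    fields = [0x45, 0, 20 + payload_len, ident, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = ip_checksum(struct.pack(HDR_FMT, *fields))
    return struct.pack(HDR_FMT, *fields)

def encapsulate(inner, tunnel_src, care_of_addr):
    """Sender (home agent or correspondent node): outer header to the CoA,
    inner datagram still addressed to the mobile node's home address."""
    return ipv4_header(tunnel_src, care_of_addr, IPPROTO_IPIP, len(inner)) + inner

def decapsulate(outer, expected_coa):
    """Receiver (foreign agent or mobile node): validate, then strip the outer
    header. Raises ValueError rather than delivering a malformed tunnel packet."""
    if len(outer) < 40:                      # outer header plus at least an inner header
        raise ValueError("truncated tunnel packet")
    vihl, _, total_len, _, _, _, proto, _, _, dst = struct.unpack(HDR_FMT, outer[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or total_len < ihl + 20 or len(outer) < total_len:
        raise ValueError("bad outer IPv4 header")
    if ip_checksum(outer[:ihl]) != 0:
        raise ValueError("outer header checksum mismatch")
    if proto != IPPROTO_IPIP:
        raise ValueError("not an IP in IP tunnel packet")
    if socket.inet_ntoa(dst) != expected_coa:
        raise ValueError("tunnel not addressed to this care-of address")
    inner = outer[ihl:total_len]
    inner_ihl = (inner[0] & 0x0F) * 4
    if inner[0] >> 4 != 4 or inner_ihl < 20 or ip_checksum(inner[:inner_ihl]) != 0:
        raise ValueError("inner datagram header invalid")
    return inner

def inner_home_address(inner):
    """Home address the tunnelled datagram was sent to (inner destination)."""
    return socket.inet_ntoa(inner[16:20])
```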
2.7. User Identification
The architecture suggests that user identities be based on the
Network Access Identifier (NAI) as defined in [1]. The NAI allows
for a highly flexible definition of a user which does not restrict
user identities to digits only.
3. Conclusion
The architecture defined in this document provides a foundation
that will allow true seamless roaming within a mobility enabled IP
network.
Some of the advantages provided by the architecture are:
* A user may have a single subscription with a home network that
allows for roaming within all foreign networks that have
service level agreements with the home network.
* Mobility being based on the user, not the device used by the
user.
* A single security framework based on IPSec and used by the
AAA+ server to minimize other security associations and the
use of dynamic session keys.
* The ability to alleviate routing anchor points and support for
policies that allow the hiding of users by allowing routing
anchor points.
* Users to truly roam seamlessly between heterogeneous access
networks.
4. Acknowledgements
The authors would like to thank Russ Coffin, Mary Barnes, and Lachu
Aravamudhan of Nortel Networks and John Myhre of ATT Wireless
Services for their useful discussion.
5. References
[1] B. Aboba, M. Beadles, "The Network Access Identifier", RFC
2486, January 1999.
[2] C. Perkins, "IP Mobility Support", RFC 2002, October 1996.
[3] P. Calhoun, C. Perkins, "Mobile IP Dynamic Home Address
Allocation Extension", Internet-Draft,
draft-ietf-mobileip-home-addr-alloc-00.txt, November 1998.
[4] P. Calhoun, C. Perkins, "Mobile IP Foreign Agent
Challenge/Response Extension", Internet-Draft,
draft-ietf-mobileip-challenge-04.txt, October 1999.
[5] P. Calhoun, G. Zorn, P. Pan, H. Akhtar, "DIAMETER Framework",
Internet-Draft, draft-calhoun-diameter-framework-03.txt,
October 1999.
[6] C. Perkins, D. Johnson, "Route Optimization in Mobile IP",
Internet-Draft, draft-ietf-mobileip-optim-08.txt, February 1999.
[7] B. Aboba, et al., "Review of Roaming Implementations", RFC
2194, September 1997.
[8] P. Calhoun, W. Bulley, "DIAMETER Dial-up (Roamops)
Extensions", Internet-Draft,
draft-calhoun-diameter-authent-07.txt, October 1999.
[9] W. Simpson, "IP in IP Tunneling", RFC 1853, October 1995.
[10] M. Khalil, R. Narayanan, E. Qaddoura, H. Akhtar, "Key Exchange
for Network Architectures (KENA)", Internet-Draft,
draft-mkhalil-mobileip-kena-00.txt, October 1999.
[11] B. Patil, R. Narayanan, E. Qaddoura, "Security
Requirements/Implementation Guidelines for Mobile IP Using IP
Security", Internet-Draft, draft-bpatil-mobileip-sec-guide-00.txt,
June 1999.
6. Authors' Addresses
Questions about this document can be directed to:
Carey B. Becker
Nortel Networks
2201 Lakeside Blvd.
Richardson, TX. 75082-4399
Phone: 972-685-0560
email: becker@nortelnetworks.com

Basavaraj Patil
Nortel Networks
2201 Lakeside Blvd.
Richardson, TX. 75082-4399
Phone: 972-684-1489
email: bpatil@nortelnetworks.com
Emad Qaddoura
Nortel Networks
2201 Lakeside Blvd.
Richardson, TX. 75082-4399
Phone: 972-684-2705
email: emadq@nortelnetworks.com