INTERNET-DRAFT                                                   X.Wei
Intended Status: Standards Track                               C.Xiong
Expires: January 1, 2015                           Huawei Technologies
                                                         June 30, 2014
MPTCP proxy mechanisms
draft-wei-mptcp-proxy-mechanism-00
Abstract
Multipath TCP provides the ability to simultaneously use multiple
paths between peers for a TCP/IP session, and it could improve
resource usage within the network and, thus, improve user experience
through higher throughput and improved resilience to network failure.
This document discusses the mechanisms of a new network entity, the
MPTCP proxy, which lets an MPTCP-capable peer use an MPTCP session
when the other peer is not MPTCP capable.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Copyright and License Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
X.Wei Expires November 20, 2014 [Page 1]
INTERNET DRAFT MPTCP proxy June 30, 2014
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1 Introduction
2 Terminology
3 Solutions
  3.1 Mechanisms for on-path MPTCP proxy
  3.2 Mechanisms for off-path MPTCP proxy
4 Conclusion
5 Security Considerations
6 IANA Considerations
7 References
  7.1 Normative References
  7.2 Informative References
Authors' Addresses
1 Introduction
The number of mobile devices such as smartphones has increased
greatly, and most of these devices have more than one network
interface; for example, it is very common for a smartphone to have
one cellular network interface and one WLAN interface. At the same
time, multi-homing scenarios have become more and more common.
Together these provide a good precondition for the implementation of
MPTCP [MPTCP Protocol].

There are still some barriers to the promotion of MPTCP. One of them
is that almost all of the ICP servers on the Internet are traditional
TCP servers, and there seems to be no motivation for these servers to
embed MPTCP into their protocol stacks. As a result, when
communicating with these servers, MPTCP-capable devices have to fall
back to traditional TCP and cannot fully utilize their MPTCP
capability.

Some network operators have also shown interest in MPTCP: they want
to use MPTCP's multipath feature to optimize their network
performance, for example through resource pooling and network
mobility. To let MPTCP-capable mobile devices use MPTCP to
communicate with traditional ICP servers through the mobile network,
a new entity named the MPTCP proxy (or proxy for short) is introduced
into the mobile network. The deployment models of the proxy are
discussed in [Deng].

This document goes into more detail on the mechanisms of the proxy
mentioned in [Deng]. The following sections mainly discuss how the
proxy could be implemented to support a common scenario in which the
communication is between an MPTCP-capable host (e.g. a mobile device)
and a non-MPTCP-capable host (e.g. an ICP server). Other scenarios,
such as the CPE scenario in [Deng], will be discussed in a later
version.
2 Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
MPTCP proxy (proxy): An entity used to support an MPTCP session
between an MPTCP-capable host and a non-MPTCP-capable host.
UE: User Equipment.
ICP: Internet Content Provider.
3 Solutions
As discussed in [Deng], the MPTCP proxy is introduced so that an
MPTCP-capable host can use MPTCP to communicate with a
non-MPTCP-capable host. There are two main proxy models for different
network scenarios. In the first, the proxy is deployed on the common
direct routing path of traffic from the different access networks;
this kind of proxy is referred to as an on-path proxy and is shown in
Figure 1. In the second, the proxy is located on the direct routing
path of traffic from only one of the access networks the
MPTCP-capable host is attached to; this kind of proxy is referred to
as an off-path proxy and is shown in Figure 2.
                   _.---..
                 ,'       `.
               .'    3GPP
            +--|  Cellular  |-------+
            |    `.       ,'        |
+--------+  |      `.._,,,'       +-|-+   +--------+    +--------------+
|UE(A)   |--+                     |PGW|---|MPTCP   |----|ICP Server(B) |
|(MPTCP) |--+      ,--'''--.      +- -+   |Proxy(P)|    |(TCP)         |
+--------+  |    ,'         `.      |     +--------+    +--------------+
            +--      WLAN  ---------+
                '
                 `.._     _,,'
                      `''
Figure 1: Scenario of on-path proxy deployment
In the scenario shown in Figure 1, an MPTCP-capable UE communicates
with a non-MPTCP-capable ICP server located on the Internet. The 3GPP
cellular network and the WLAN network are deployed by a single network
operator, and the MPTCP-capable UE supports both a 3GPP cellular
network interface and a WLAN network interface. In this case the
operator can place the proxy on the path shared by the 3GPP cellular
network traffic and the WLAN network traffic.
                   _.---..
                 ,'       `.
               .'    3GPP
            +--|  Cellular  |-------+
            |    `.       ,'        |
+--------+  |      `.._,,,'       +-|-+   +--------+    +-------------+
|UE(A)   |--+                     |PGW|---|MPTCP   |----|ICP Server(B)|
|(MPTCP) |--+      ,--'''--.      +- -+   |Proxy(P)|    |(TCP)        |
+--------+  |    ,'         `.            +--|-----+    +-------------+
            +--      WLAN     .              |
                           ------------------+
                 `.._     _,,'
                      `''
Figure 2: Scenario of off-path proxy deployment
In the scenario shown in Figure 2, only the 3GPP cellular network is
deployed by the mobile network operator; the WLAN network is deployed
by another operator, e.g. a fixed-line operator. In this case the
mobile network operator can place the proxy only on the direct routing
path of the 3GPP cellular network traffic.

The following sub-sections discuss the detailed mechanisms of the
on-path proxy and the off-path proxy introduced above.
3.1 Mechanisms for on-path MPTCP proxy
When the direct routing paths of all the sub-flows of an MPTCP-capable
UE pass through the same proxy, the proxy acts as an on-path proxy.
The on-path proxy is transparent to the UE, i.e. the UE itself knows
nothing about the existence of the proxy.
+-------+               +--------------+            +--------------+
|UE(A)  |               |MPTCP Proxy(P)|            |ICP Server(B) |
|(MPTCP)|               +--------|-----+            |(TCP)         |
+-|-----+                        |                  +-------|------+
  |-----SYN+MP_CAPABLE(Key-A)--->|--SYN+MP_CAPABLE(Key-A)-->|
  |             +---------------------------------+         |
  |             |create temp. entry for connection|         |
  |             +---------------------------------+         |
  |                              |<--------SYN+ACK ---------|
  |                       +------------+                    |
  |                       |create Key-P|                    |
  |                       +------|-----+                    |
  <--SYN+ACK+MP_CAPABLE(Key-P)---|                          |
  |                              |                          |
  -ACK+MP_CAPABLE(Key-A,Key-P)--->                          |
  |                              |---------ACK-------------->
  |                       +------------+                    |
  |<------Data----------->|Data Mapping|<----Data---------->|
  |                       +------|-----+                    |
  |                           +--|------+                   |
  |---------SYN+MP_JOIN------->         |                   |
  |                           | inspect |                   |
  <-----SYN+ACK+MP_JOIN--------  MPTCP  |                   |
  |                           | signal  |                   |
  |---------ACK+MP_JOIN------->   and   |                   |
  |                           |establish|                   |
  <---------ACK --------------|sub-flow |                   |
  |                           +--|------+                   |
  |                       +------------+                    |
  |<======Data===========>|Data Mapping|<----Data---------->|
  |                       +------|-----+                    |
Figure 3: On-path proxy for connection between MPTCP UE and TCP Server
The function of the on-path proxy can be divided into three
sub-functions, as shown in Figure 3: support for the initial MPTCP
capability negotiation, support for sub-flow establishment, and data
mapping. The following clauses describe each sub-function.

(1) Support for initial MPTCP capability negotiation

The MPTCP-capable UE starts the connection establishment procedure by
sending the first handshake packet, carrying an MP_CAPABLE option that
includes the UE's Key-A, to the ICP server. The proxy inspects the
packet and creates a temporary entry for the connection consisting of
the UE IP, server IP, UE port number and server port number, then
forwards the packet to the ICP server. The proxy uses the UE IP,
server IP, UE port number and server port number to match the SYN/ACK
response from the ICP server.

The proxy inspects the second handshake packet, the SYN/ACK from the
ICP server. If the SYN/ACK includes an MP_CAPABLE option, the ICP
server is MPTCP capable; the proxy does not need to act as a proxy for
the connection, and the temporary entry for the connection is removed.
If the SYN/ACK includes no MP_CAPABLE option, the proxy generates
Key-P on behalf of the ICP server to complete the MPTCP connection
with the UE, and the temporary entry is kept for the connection to
record all of the sub-flows belonging to it. The token described in
[MPTCP Protocol] is used to identify the entry.

An example of the entry is shown in Table 1. In Table 1, the server's
IP addresses and port numbers for different sub-flows could be the
same.
+------------+----------------------------------------+
| ID | token |
|------------+----------------------------------------|
| sub-flow#1 |UE IP1,UE port1,server IP1,server port1 |
|------------+----------------------------------------|
| sub-flow#2 |UE IP2,UE port2,server IP2,server port2 |
+------------+----------------------------------------+
Table 1: An example of entry for connection
(2) Support for sub-flow establishment

After the initial MPTCP connection is established, the UE may start a
new MPTCP sub-flow. Because the UE is unaware of the existence of the
proxy, it starts the new sub-flow with the ICP server, i.e. the
destination IP address of the SYN/MP_JOIN packet is the ICP server's
IP address.

The proxy inspects the sub-flow establishment signalling packet, i.e.
the SYN/MP_JOIN, and uses the token included in MP_JOIN to decide
whether it has provided the proxy function for the MPTCP session. If
it has, it provides the proxy function for the sub-flow as well and
adds the UE IP, server IP, UE port number and server port number to
the entry for the connection; otherwise the proxy takes no action on
the establishment of the sub-flow.
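The bookkeeping described in sub-functions (1) and (2), sketched in Python as an added example (it is not code from this draft). The class name, method names and the MAX_PENDING bound are assumptions made for illustration; the token derivation follows RFC 6824, and flows are passed in as (UE IP, UE port, server IP, server port).

```python
import hashlib
import os

MAX_PENDING = 4096   # assumed bound on half-open handshakes the proxy tracks


def token_of(key: bytes) -> int:
    """RFC 6824 token: most significant 32 bits of SHA-1 over the 64-bit key."""
    return int.from_bytes(hashlib.sha1(key).digest()[:4], "big")


class OnPathProxyTable:
    """Hypothetical proxy state; a flow is (ue_ip, ue_port, srv_ip, srv_port)."""

    def __init__(self):
        self.pending = {}    # flow -> Key-A: the temporary entry
        self.sessions = {}   # token(Key-P) -> {"key_a", "key_p", "subflows"}

    def on_syn_mp_capable(self, flow, key_a: bytes) -> bool:
        """SYN + MP_CAPABLE(Key-A) from the UE: create the temporary entry."""
        if len(self.pending) >= MAX_PENDING and flow not in self.pending:
            return False     # table full: forward untouched, do not proxy
        self.pending[flow] = key_a
        return True

    def on_synack(self, flow, server_sent_mp_capable: bool):
        """SYN/ACK from the server: return Key-P to send to the UE, or None."""
        key_a = self.pending.pop(flow, None)   # entry is consumed either way
        if key_a is None or server_sent_mp_capable:
            return None      # not tracked, or the server speaks MPTCP itself
        key_p = os.urandom(8)
        while token_of(key_p) in self.sessions:   # token must be unique here
            key_p = os.urandom(8)
        self.sessions[token_of(key_p)] = {
            "key_a": key_a, "key_p": key_p, "subflows": [flow]}
        return key_p

    def on_syn_mp_join(self, flow, receiver_token: int) -> bool:
        """SYN + MP_JOIN: proxy the sub-flow only if the token names our entry.
        The HMAC exchange RFC 6824 uses to authenticate MP_JOIN is not modelled."""
        session = self.sessions.get(receiver_token)
        if session is None:
            return False     # not a session of ours: take no action
        if flow not in session["subflows"]:
            session["subflows"].append(flow)
        return True
```

The token carried in the UE's SYN/MP_JOIN is derived from the key of the host it believes it is joining, which here is Key-P, so the proxy can index its entries by token_of(Key-P).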
(3) Data mapping

The proxy implements two separate kinds of data mapping: forward
mapping and reverse mapping. Forward mapping maps data from the MPTCP
session to the TCP session; reverse mapping maps data from the TCP
session to the MPTCP session. Figure 4 shows the data mapping function
of the proxy.
         +-----------------------+
  MPTCP  |        Mapping        | TCP
+--+     | +-----+        +---+  |   +----------+
|UE|<====|>|MPTCP|<<<<>>>>|TCP|<-+-->|ICP server|
+--+     | +-----+        +---+  |   +----------+
         |proxy                  |
         +-----------------------+
Figure 4: Data mapping function of proxy
In forward mapping, the proxy maps data from all sub-flows belonging
to the MPTCP session to a single TCP flow in the TCP session. Because
the IP addresses in the packets of both the MPTCP session and the TCP
session are not the proxy's IP address, the proxy needs to inspect
each packet to decide whether it belongs to the connection between the
UE and the ICP server.
3.2 Mechanisms for off-path MPTCP proxy
When the proxy is located on the initial sub-flow's direct routing
path, but the direct routing path of some other sub-flow might not go
through the same proxy, the proxy acts in the off-path model. The main
difference between the on-path model and the off-path model is that in
the off-path model the proxy needs to explicitly steer sub-flows to
itself, and the MPTCP-capable UE is aware of the existence of the
proxy. The UE starts new sub-flows with the proxy, not with the ICP
server.
+-------+               +--------------+            +--------------+
|UE(A)  |               |MPTCP Proxy(P)|            |ICP Server(B) |
|(MPTCP)|               +--------|-----+            |(TCP)         |
+-|-----+                        |                  +-------|------+
  |-----SYN+MP_CAPABLE(Key-A)--->|--SYN+MP_CAPABLE(Key-A)-->|
  |             +---------------------------------+         |
  |             |create temp. entry for connection|         |
  |             +---------------------------------+         |
  |                              |<--------SYN+ACK ---------|
  |                       +------------+                    |
  |                       |create Key-P|                    |
  |                       +------|-----+                    |
  <--SYN+ACK+MP_CAPABLE(Key-P,P)-|                          |
  |                              |                          |
  -ACK+MP_CAPABLE(Key-A,Key-P)--->---------ACK-------------->
  |                       +------------+                    |
  |<------Data----------->|Data Mapping|<----Data---------->|
  |                       +------|-----+                    |
  |<------ADD_ADDR(proxy IP)-----|                          |
  |                           +--|------+                   |
  |------SYN+MP_JOIN---------->         |                   |
  |                           | inspect |                   |
  <-----SYN+ACK+MP_JOIN--------  MPTCP  |                   |
  |                           | signal  |                   |
  |------ACK+MP_JOIN---------->   and   |                   |
  |                           |establish|                   |
  <---------ACK --------------|sub-flow |                   |
  |                           +--|------+                   |
  |                       +------------+                    |
  |<======Data===========>|Data Mapping|<----Data---------->|
  |                       +------|-----+                    |
Figure 5: Off-path proxy for connection between MPTCP UE and TCP Server
As with the on-path proxy, the function of the off-path proxy can be
divided into three sub-functions: support for the initial MPTCP
capability negotiation, support for sub-flow establishment, and data
mapping.

(1) Support for initial MPTCP capability negotiation

The MPTCP-capable UE starts the connection establishment procedure by
sending the first handshake packet, carrying an MP_CAPABLE option that
includes Key-A, to the ICP server. The proxy inspects the packet and
creates a temporary entry for the connection consisting of the UE IP,
server IP, UE port number and server port number, then forwards the
packet to the ICP server. The proxy uses the UE IP, server IP, UE port
number and server port number to match the SYN/ACK response from the
ICP server.
The proxy inspects the second handshake packet, the SYN/ACK from the
ICP server. If the SYN/ACK includes an MP_CAPABLE option, the ICP
server is MPTCP capable; the proxy does not need to act as a proxy for
the connection, and the temporary entry for the connection is removed.
If the SYN/ACK includes no MP_CAPABLE option, the proxy generates
Key-P on behalf of the ICP server to complete the MPTCP connection
with the UE, and the temporary entry is kept for the connection to
record all of the sub-flows belonging to it. The token described in
[MPTCP Protocol] is used to identify the entry.

To prevent the UE from establishing sub-flows with the ICP server's IP
address, the proxy notifies the UE of its existence by sending a P
flag in the MP_CAPABLE option of the SYN/ACK packet. When the UE
receives this P flag it SHOULD NOT start new sub-flows with the ICP
server's IP address any more; instead it establishes sub-flows with
the proxy after obtaining the proxy's IP address.

(2) Support for sub-flow establishment

In the off-path model, after the MPTCP-capable UE has established the
initial sub-flow of the MPTCP session with the assistance of the
proxy, the proxy can advertise its own IP address to the UE in an
ADD_ADDR option, and the UE can then establish new sub-flows with the
proxy.

(3) Data mapping

The data mapping function of the off-path proxy is the same as the
function described for the on-path model.
4 Conclusion
This document describes two proxy modes, which can be used to support
an MPTCP-capable UE in two different scenarios. The on-path MPTCP
proxy requires no modification to the host's current MPTCP stack
implementation; the off-path MPTCP proxy requires the MPTCP-capable
host to support the newly defined P flag.
5 Security Considerations
The introduction of implicit proxies and anchors does not add new
principal vulnerabilities.
6 IANA Considerations
A new flag 'P' in the MPTCP MP_CAPABLE option needs to be defined;
refer to RFC 6824, Section 3.1. The proxy uses this flag to inform the
MPTCP-capable host of the existence of the proxy.
                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+-------+-------+---------------+
|     Kind      |    Length     |Subtype|Version|A|P|C|D|E|F|G|H|
+---------------+---------------+-------+-------+---------------+
|                 Option Sender's Key (64 bits)                 |
|                                                               |
|                                                               |
+---------------------------------------------------------------+
|                Option Receiver's Key (64 bits)                |
|                   (if option Length == 20)                    |
|                                                               |
+---------------------------------------------------------------+
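A parser for the option layout above, together with the UE behaviour Section 3.2 attaches to the P flag, as an added Python example (it is not code from this draft). Option kind 30 and the 12/20-byte lengths come from RFC 6824; the function names and the constructed sample bytes are assumptions for illustration.

```python
import struct

MPTCP_KIND = 30      # TCP option kind assigned to MPTCP (RFC 6824)
MP_CAPABLE = 0x0     # MPTCP option subtype
FLAG_A = 0x80        # checksum required (RFC 6824)
FLAG_P = 0x40        # proxy present: the bit this draft asks to have defined


def tcp_options(raw: bytes):
    """Yield (kind, value) pairs from a TCP options area; reject bad lengths."""
    i = 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                     # End of Option List
            return
        if kind == 1:                     # No-Operation padding
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("option length runs outside the options area")
        yield kind, raw[i + 2:i + length]
        i += length


def parse_mp_capable(raw_options: bytes):
    """Return the fields of the first MP_CAPABLE option, or None if absent."""
    for kind, val in tcp_options(raw_options):
        if kind != MPTCP_KIND or not val or val[0] >> 4 != MP_CAPABLE:
            continue
        if len(val) + 2 not in (12, 20):
            raise ValueError("MP_CAPABLE length must be 12 or 20")
        keys = struct.unpack("!%dQ" % ((len(val) - 2) // 8), val[2:])
        return {"version": val[0] & 0x0F,
                "checksum": bool(val[1] & FLAG_A),
                "proxy": bool(val[1] & FLAG_P),
                "sender_key": keys[0],
                "receiver_key": keys[1] if len(keys) > 1 else None}
    return None


def subflow_destination(synack_options, server_ip, advertised_proxy_ip=None):
    """Address the UE may use for its next sub-flow; None means open none now."""
    opt = parse_mp_capable(synack_options)
    if opt is None:
        return None                   # no MPTCP on this connection
    if opt["proxy"]:
        return advertised_proxy_ip    # stays None until ADD_ADDR is received
    return server_ip


# Constructed sample: NOP, NOP, then MP_CAPABLE (length 12) with only P set.
SYNACK_WITH_P = bytes([1, 1, 30, 12, 0x00, 0x40]) + bytes.fromhex("0102030405060708")
```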
7 References
7.1 Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[MPTCP Protocol] Ford, A., Raiciu, C., Handley, M., and O.
Bonaventure, "TCP Extensions for Multipath Operation with
Multiple Addresses", RFC 6824, January 2013.
7.2 Informative References
[Deng] L.Deng, D.Liu, T.Sun. "draft-deng-mptcp-mobile-network-proxy-01",
April 18, 2014
Authors' Addresses
Xinpeng Wei
EMail: weixinpeng@huawei.com
Chunshan Xiong
EMail: sam.xiongchunshan@huawei.com