draft-ietf-dmm-distributed-mobility-anchoring-14.txt   draft-ietf-dmm-distributed-mobility-anchoring-15.txt 
DMM H. Chan, Ed. DMM H. Chan, Ed.
Internet-Draft X. Wei Internet-Draft X. Wei
Intended status: Informational Huawei Technologies Intended status: Informational Huawei Technologies
Expires: May 4, 2020 J. Lee Expires: September 8, 2020 J. Lee
Sangmyung University Sangmyung University
S. Jeon S. Jeon
Sungkyunkwan University Sungkyunkwan University
CJ. Bernardos, Ed. CJ. Bernardos, Ed.
UC3M UC3M
November 1, 2019 March 7, 2020
Distributed Mobility Anchoring Distributed Mobility Anchoring
draft-ietf-dmm-distributed-mobility-anchoring-14 draft-ietf-dmm-distributed-mobility-anchoring-15
Abstract Abstract
This document defines distributed mobility anchoring in terms of the This document defines distributed mobility anchoring in terms of the
different configurations and functions to provide IP mobility different configurations and functions to provide IP mobility
support. A network may be configured with distributed mobility support. A network may be configured with distributed mobility
anchoring functions for both network-based or host-based mobility anchoring functions for both network-based or host-based mobility
support according to the needs of mobility support. In a distributed support according to the needs of mobility support. In a distributed
mobility anchoring environment, multiple anchors are available for mobility anchoring environment, multiple anchors are available for
mid-session switching of an IP prefix anchor. To start a new flow or mid-session switching of an IP prefix anchor. To start a new flow or
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 4, 2020. This Internet-Draft will expire on September 8, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions and Terminology . . . . . . . . . . . . . . . . . 4 2. Conventions and Terminology . . . . . . . . . . . . . . . . . 3
3. Distributed Mobility Anchoring . . . . . . . . . . . . . . . 5 3. Distributed Mobility Anchoring . . . . . . . . . . . . . . . 6
3.1. Configurations for Different Networks . . . . . . . . . . 5 3.1. Configurations for Different Networks . . . . . . . . . . 6
3.1.1. Network-based DMM . . . . . . . . . . . . . . . . . . 5 3.1.1. Network-based DMM . . . . . . . . . . . . . . . . . . 7
3.1.2. Client-based DMM . . . . . . . . . . . . . . . . . . 6 3.1.2. Client-based DMM . . . . . . . . . . . . . . . . . . 8
4. IP Mobility Handling in Distributed Anchoring Environments - 4. IP Mobility Handling in Distributed Anchoring Environments -
Mobility Support Only When Needed . . . . . . . . . . . . . . 7 Mobility Support Only When Needed . . . . . . . . . . . . . . 9
4.1. Nomadic case (no need of IP mobility): Changing to new IP 4.1. Nomadic case (no need of IP mobility): Changing to new IP
prefix/address . . . . . . . . . . . . . . . . . . . . . 8 prefix/address . . . . . . . . . . . . . . . . . . . . . 10
4.2. Mobility case, traffic redirection . . . . . . . . . . . 10 4.2. Mobility case, traffic redirection . . . . . . . . . . . 12
4.3. Mobility case, anchor relocation . . . . . . . . . . . . 13 4.3. Mobility case, anchor relocation . . . . . . . . . . . . 15
5. Security Considerations . . . . . . . . . . . . . . . . . . . 14 5. Security Considerations . . . . . . . . . . . . . . . . . . . 16
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17
7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 15 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 17
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 18
8.1. Normative References . . . . . . . . . . . . . . . . . . 16 8.1. Normative References . . . . . . . . . . . . . . . . . . 18
8.2. Informative References . . . . . . . . . . . . . . . . . 16 8.2. Informative References . . . . . . . . . . . . . . . . . 19
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20
1. Introduction 1. Introduction
A key requirement in distributed mobility management [RFC7333] is to A key requirement in distributed mobility management [RFC7333] is to
enable traffic to avoid traversing a single mobility anchor far from enable traffic to avoid traversing a single mobility anchor far from
an optimal route. This document defines different configurations, an optimal route. This document defines different configurations,
functional operations and parameters for distributed mobility functional operations and parameters for distributed mobility
anchoring and explains how to use them to avoid unnecessarily long anchoring and explains how to use them to avoid unnecessarily long
routes when a mobile node moves. routes when a mobile node moves.
Companion distributed mobility management documents are already Companion distributed mobility management documents are already
addressing the architecture and deployment addressing source address selection [RFC8653], and control-plane
[I-D.ietf-dmm-deployment-models], source address selection [RFC8653], data-plane signaling [I-D.ietf-dmm-fpc-cpdp]. A number of
and control-plane data-plane signaling [I-D.ietf-dmm-fpc-cpdp]. A distributed mobility solutions have also been proposed, for example,
number of distributed mobility solutions have also been proposed, for in [I-D.seite-dmm-dma], [I-D.ietf-dmm-pmipv6-dlif],
example, in [I-D.seite-dmm-dma], [I-D.ietf-dmm-pmipv6-dlif],
[I-D.sarikaya-dmm-for-wifi], [I-D.yhkim-dmm-enhanced-anchoring], and [I-D.sarikaya-dmm-for-wifi], [I-D.yhkim-dmm-enhanced-anchoring], and
[I-D.matsushima-stateless-uplane-vepc]. [I-D.matsushima-stateless-uplane-vepc].
Distributed mobility anchoring employs multiple anchors in the data Distributed mobility anchoring employs multiple anchors in the data
plane. In general, control plane functions may be separated from plane. In general, control plane functions may be separated from
data plane functions and be centralized but may also be co-located data plane functions and be centralized but may also be co-located
with the data plane functions at the distributed anchors. Different with the data plane functions at the distributed anchors. Different
configurations of distributed mobility anchoring are described in configurations of distributed mobility anchoring are described in
Section 3.1. Section 3.1.
As a Mobile Node (MN) attaches to an access router and establishes a As a Mobile Node (MN) attaches to an access router and establishes a
link between them, a /64 IPv6 prefix anchored to the router may be link between them, a /64 IPv6 prefix anchored to the router may be
assigned to the link for exclusive use by the MN [RFC6459]. The MN assigned to the link for exclusive use by the MN [RFC6459]. The MN
may then configure a global IPv6 address from this prefix and use it may then configure a global IPv6 address from this prefix and use it
as the source IP address in a flow to communicate with its as the source IP address in a flow to communicate with its
correspondent node (CN). When there are multiple mobility anchors Correspondent Node (CN). When there are multiple mobility anchors
assigned to the same MN, an address selection for a given flow is assigned to the same MN, an address selection for a given flow is
first required before the flow is initiated. Using an anchor in a first required before the flow is initiated. Using an anchor in a
MN's network of attachment has the advantage that the packets can MN's network of attachment has the advantage that the packets can
simply be forwarded according to the forwarding table. However, simply be forwarded according to the forwarding table. However,
after the flow has been initiated, the MN may later move to another after the flow has been initiated, the MN may later move to another
network which assigns a new mobility anchor to the MN. Since the new network which assigns a new mobility anchor to the MN. Since the new
anchor is located in a different network, the MN's assigned prefix anchor is located in a different network, the MN's assigned prefix
does not belong to the network where the MN is currently attached. does not belong to the network where the MN is currently attached.
When the MN wants to continue using its assigned prefix to complete When the MN wants to continue using its assigned prefix to complete
ongoing data sessions after it has moved to a new network, the ongoing data sessions after it has moved to a new network, the
network needs to provide support for the MN's IP address -- and network needs to provide support for the MN's IP address and session
session continuity, since routing packets to the MN through the new continuity, since routing packets to the MN through the new network
network deviates from applying default routes. The IP session deviates from applying default routes. The IP session continuity
continuity needs of a flow (application) determines how the IP needs of a flow (application) determines how the IP address used by
address used by this flow has to be anchored. If the ongoing IP flow this flow has to be anchored. If the ongoing IP flow can cope with
can cope with an IP prefix/address change, the flow can be an IP prefix/address change, the flow can be reinitiated with a new
reinitiated with a new IP address anchored in the new network. On IP address anchored in the new network. On the other hand, if the
the other hand, if the ongoing IP flow cannot cope with such change, ongoing IP flow cannot cope with such change, mobility support is
mobility support is needed. A network supporting a mix of flows both needed. A network supporting a mix of flows both requiring and not
requiring and not requiring IP mobility support will need to requiring IP mobility support will need to distinguish these flows.
distinguish these flows.
2. Conventions and Terminology 2. Conventions and Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
All general mobility-related terms and their acronyms used in this All general mobility-related terms and their acronyms used in this
document are to be interpreted as defined in the Mobile IPv6 (MIPv6) document are to be interpreted as defined in the Mobile IPv6 (MIPv6)
base specification [RFC6275], the Proxy Mobile IPv6 (PMIPv6) base specification [RFC6275], the Proxy Mobile IPv6 (PMIPv6)
specification [RFC5213], the "Mobility Related Terminologies" specification [RFC5213], the "Mobility Related Terminologies"
[RFC3753], and the DMM current practices and gap analysis [RFC7429]. [RFC3753], and the DMM current practices and gap analysis [RFC7429].
These include terms such as mobile node (MN), correspondent node These include terms such as Mobile Node (MN), Correspondent Node
(CN), home agent (HA), home address (HoA), care-of-address (CoA), (CN), Home Agent (HA), Home Address (HoA), Care-of-Address (CoA),
local mobility anchor (LMA), and mobile access gateway (MAG). Local Mobility Anchor (LMA), and Mobile Access Gateway (MAG).
In addition, this document uses the following terms: In addition, this document uses the following terms and definitions:
IP session continuity: The ability to maintain an ongoing transport
interaction by keeping the same local endpoint IP address
throughout the lifetime of the IP socket despite the mobile host
changing its point of attachment within the IP network topology.
The IP address of the host may change after closing the IP socket
and before opening a new one, but that does not jeopardize the
ability of applications using these IP sockets to work flawlessly.
Session continuity is essential for mobile hosts to maintain
ongoing flows without any interruption [RFC8653].
Higher layer session continuity: The ability to maintain an ongoing
transport or higher layer (e.g., application) interaction by
keeping the session indentifiers throughout the lifetime of the
session despite the mobile host changing its point of attachment
within the IP network topology. This can be achieved by using
mechanisms at the transport or higher layers.
IP address reachability: The ability to maintain the same IP address
for an extended period of time. The IP address stays the same
across independent sessions, even in the absence of any session.
The IP address may be published in a long-term registry (e.g.,
DNS) and is made available for serving incoming (e.g., TCP)
connections. IP address reachability is essential for mobile
hosts to use specific/published IP addresses [RFC8653].
IP mobility: Combination of IP address reachability and session
continuity.
Home network of a home address: the network that has assigned the Home network of a home address: the network that has assigned the
HoA used as the session identifier by the application running in HoA used as the session identifier by the application running in
an MN. The MN may be running multiple application sessions, and an MN. The MN may be running multiple application sessions, and
each of these sessions can have a different home network. each of these sessions can have a different home network.
Anchoring (of an IP prefix/address): An IP prefix, i.e., Home Anchoring (of an IP prefix/address): An IP prefix, i.e., Home
Network Prefix (HNP), or address, i.e., HoA, assigned for use by Network Prefix (HNP), or address, i.e., HoA, assigned for use by
an MN is topologically anchored to an anchor node when the anchor an MN is topologically anchored to an anchor node when the anchor
node is able to advertise a connected route into the routing node is able to advertise a route into the routing infrastructure
infrastructure for the assigned IP prefix. The traffic using the for the assigned IP prefix. The traffic using the assigned IP
assigned IP address/prefix must traverse the anchor node. We can address/prefix must traverse the anchor node. We can refer to the
refer to the function performed by IP anchor node as anchoring, function performed by IP anchor node as anchoring, which is a data
which is a data plane function. plane function.
Location Management (LM) function: control plane function that keeps Location Management (LM) function: control plane function that keeps
and manages the network location information of an MN. The and manages the network location information of an MN. The
location information may be a binding of the advertised IP location information may be a binding of the advertised IP
address/prefix, e.g., HoA or HNP, to the IP routing address of the address/prefix, e.g., HoA or HNP, to the IP routing address of the
MN or of a node that can forward packets destined to the MN. MN or of a node that can forward packets destined to the MN.
When the MN is a mobile router (MR), the location information will When the MN is a Mobile Router (MR), the location information will
also include the mobile network prefix (MNP), which is the also include the Mobile Network Prefix (MNP), which is the
aggregate IP prefix delegated to the MR to assign IP prefixes for aggregate IP prefix delegated to the MR to assign IP prefixes for
use by the mobile network nodes (MNNs) in the mobile network. use by the Mobile Network Nodes (MNNs) in the mobile network.
In a client-server protocol model, location query and update In a client-server protocol model, secure (i.e., authenticated and
messages may be exchanged between a Location Management client authorized) location query and update messages may be exchanged
(LMc) and a Location Management server (LMs), where the location between a Location Management client (LMc) and a Location
information can be updated to or queried from the LMc. Management server (LMs), where the location information can be
Optionally, there may be a Location Management proxy (LMp) between updated or queried from the LMc. Optionally, there may be a
LMc and LMs. Location Management proxy (LMp) between LMc and LMs.
With separation of control plane and data plane, the LM function With separation of control plane and data plane, the LM function
is in the control plane. It may be a logical function at the is in the control plane. It may be a logical function at the
control plane node, control plane anchor, or mobility controller. control plane node, control plane anchor, or mobility controller.
It may be distributed or centralized. It may be distributed or centralized.
Forwarding Management (FM) function: packet interception and Forwarding Management (FM) function: packet interception and
forwarding to/from the IP address/prefix assigned for use by the forwarding to/from the IP address/prefix assigned for use by the
MN, based on the internetwork location information, either to the MN, based on the internetwork location information, either to the
skipping to change at page 5, line 32 skipping to change at page 6, line 13
separation of control plane and data plane, the FM function may separation of control plane and data plane, the FM function may
split into a FM function in the data plane (FM-DP) and a FM split into a FM function in the data plane (FM-DP) and a FM
function in the control plane (FM-CP). function in the control plane (FM-CP).
FM-DP may be distributed with distributed mobility management. It FM-DP may be distributed with distributed mobility management. It
may be a function in a data plane anchor or data plane node. may be a function in a data plane anchor or data plane node.
FM-CP may be distributed or centralized. It may be a function in FM-CP may be distributed or centralized. It may be a function in
a control plane node, control plane anchor or mobility controller. a control plane node, control plane anchor or mobility controller.
Home Control-Plane Anchor (Home-CPA or H-CPA): The Home-CPA function
hosts the mobile node (MN)'s mobility session. There can be more
than one mobility session for a mobile node and those sessions may
be anchored on the same or different Home-CPA's. The home-CPA
will interface with the home-DPA for managing the forwarding
state.
Home Data Plane Anchor (Home-DPA or H-DPA): The Home-DPA is the
topological anchor for the MN's IP address/ prefix(es). The Home-
DPA is chosen by the Home-CPA on a session- basis. The Home-DPA
is in the forwarding path for all the mobile node's IP traffic.
Access Control Plane Node (Access-CPN or A-CPN): The Access-CPN is
responsible for interfacing with the mobile node's Home-CPA and
with the Access-DPN. The Access-CPN has a protocol interface to
the Home-CPA.
Access Data Plane Node (Access-DPN or A-DPN): The Access-DPN
function is hosted on the first-hop router where the mobile node
is attached. This function is not hosted on a layer-2 bridging
device such as a eNode(B) or Access Point.
3. Distributed Mobility Anchoring 3. Distributed Mobility Anchoring
3.1. Configurations for Different Networks 3.1. Configurations for Different Networks
We next describe some configurations with multiple distributed We next describe some configurations with multiple distributed
anchors. To cover the widest possible spectrum of scenarios, we anchors. To cover the widest possible spectrum of scenarios, we
consider architectures in which the control and data planes are consider architectures in which the control and data planes are
separated, as described in [I-D.ietf-dmm-deployment-models]. separated. We analyze where LM and FM functions -- which are
specific sub-functions involved in mobility management -- can be
placed when looking at the different scenarios with distributed
anchors.
3.1.1. Network-based DMM 3.1.1. Network-based DMM
Figure 1 shows a general scenario for network-based distributed Figure 1 shows a general scenario for network-based distributed
mobility management. mobility management.
The main characteristics of a network-based DMM solution are: The main characteristics of a network-based DMM solution are:
o There are multiple data plane anchors, each with a FM-DP function. o There are multiple data plane anchors, each with a FM-DP function.
o The control plane may either be distributed (not shown in the o The control plane may either be distributed (not shown in the
figure) or centralized (as shown in the figure). figure) or centralized (as shown in the figure).
o The control plane and the data plane (Control Plane Anchor -- CPA o The control plane and the data plane (Control Plane Anchor -- CPA
-- and Data Plane Anchor -- DPA) may be co-located or not. If the -- and Data Plane Anchor -- DPA) may be co-located or not. If the
CPA is co-located with the distributed DPAs, then there are CPA is co-located with the distributed DPAs, then there are
multiple co-located CPA-DPA instances (not shown in the figure). multiple co-located CPA-DPA instances (not shown in the figure).
o An IP prefix/address IP1 (anchored to the DPA with IP address o An IP prefix/address IP1 (anchored to the DPA with IP address
IPa1) is assigned for use to a MN. The MN uses this IP1 address IPa1) is assigned for use to a MN. The MN uses this IP1 address
to communicate with CNs (not shown in the figure). to communicate with CNs (not shown in the figure).
o The location management (LM) function may be co-located or split o The location management (LM) function may be co-located or split
skipping to change at page 8, line 13 skipping to change at page 10, line 10
routes. routes.
A straightforward choice of mobility anchoring is the following: the A straightforward choice of mobility anchoring is the following: the
MN's chooses as source IP address for packets belonging to an IP MN's chooses as source IP address for packets belonging to an IP
flow, an address allocated by the network the MN is attached to when flow, an address allocated by the network the MN is attached to when
the flow was initiated. As such, traffic belonging to this flow the flow was initiated. As such, traffic belonging to this flow
traverses the MN's mobility anchor [I-D.seite-dmm-dma] traverses the MN's mobility anchor [I-D.seite-dmm-dma]
[I-D.ietf-dmm-pmipv6-dlif]. [I-D.ietf-dmm-pmipv6-dlif].
The IP prefix/address at the MN's side of a flow may be anchored to The IP prefix/address at the MN's side of a flow may be anchored to
the access router to which the MN is attached. For example, when a the Access Router (AR) to which the MN is attached. For example,
MN attaches to a network (Net1) or moves to a new network (Net2), an when a MN attaches to a network (Net1) or moves to a new network
IP prefix from the attached network is assigned to the MN's (Net2), an IP prefix from the attached network is assigned to the
interface. In addition to configuring new link-local addresses, the MN's interface. In addition to configuring new link-local addresses,
MN configures from this prefix an IP address which is typically a the MN configures from this prefix an IP address which is typically a
dynamic IP address. It then uses this IP address when a flow is dynamic IP address (meaning that this address is only used while the
initiated. Packets from this flow addressed to the MN are simply MN is attached to this access router, and therefore the IP address
configured by the MN dynamically changes when attaching to a
different access network). It then uses this IP address when a flow
is initiated. Packets from this flow addressed to the MN are simply
forwarded according to the forwarding table. forwarded according to the forwarding table.
There may be multiple IP prefixes/addresses that an MN can select There may be multiple IP prefixes/addresses that an MN can select
when initiating a flow. They may be from the same access network or when initiating a flow. They may be from the same access network or
different access networks. The network may advertise these prefixes different access networks. The network may advertise these prefixes
with cost options [I-D.mccann-dmm-prefixcost] so that the mobile node with cost options [I-D.mccann-dmm-prefixcost] so that the mobile node
may choose the one with the least cost. In addition, these IP may choose the one with the least cost. In addition, the IP
prefixes/addresses may be of different types regarding whether prefixes/addresses provided by the network may be of different types
mobility support is needed [RFC8653]. A MN will need to choose which regarding whether mobility support is supported [RFC8653]. A MN will
IP prefix/address to use for each flow according to whether it needs need to choose which IP prefix/address to use for each flow according
IP mobility support or not, using for example the mechanisms to whether it needs IP mobility support or not, using for example the
described in [RFC8653]. mechanisms described in [RFC8653].
4.1. Nomadic case (no need of IP mobility): Changing to new IP prefix/ 4.1. Nomadic case (no need of IP mobility): Changing to new IP prefix/
address address
When IP mobility support is not needed for a flow, the LM and FM When IP mobility support is not needed for a flow, the LM and FM
functions are not utilized so that the configurations in Section 3.1 functions are not utilized so that the configurations in Section 3.1
are simplified as shown in Figure 3. are simplified as shown in Figure 3.
Net1 Net2 Net1 Net2
skipping to change at page 9, line 32 skipping to change at page 11, line 32
When there is no need to provide IP mobility to a flow, the flow may When there is no need to provide IP mobility to a flow, the flow may
use a new IP address acquired from a new network as the MN moves to use a new IP address acquired from a new network as the MN moves to
the new network. the new network.
Regardless of whether IP mobility is needed, if the flow has not Regardless of whether IP mobility is needed, if the flow has not
terminated before the MN moves to a new network, the flow may terminated before the MN moves to a new network, the flow may
subsequently restart using the new IP address assigned from the new subsequently restart using the new IP address assigned from the new
network. network.
When IP session continuity is needed, even if a flow is ongoing as When IP session continuity is needed, even if an application flow is
the MN moves, it may still be desirable for the flow to change to ongoing as the MN moves, it may still be desirable for the
using the new IP prefix configured in the new network. The flow may application flow to change to using the new IP prefix configured in
then close and then restart using a new IP address configured in the the new network. The application flow may then be closed at IP level
new network. Such a change in the IP address of the flow may be and then be restarted using a new IP address configured in the new
enabled using a higher layer mobility support which is not in the network. Such a change in the IP address used by the application
scope of this document. flow may be enabled using a higher layer mobility support which is
not in the scope of this document.
In Figure 3, a flow initiated while the MN was using the IP prefix In Figure 3, a flow initiated while the MN was using the IP prefix
IP1 -- anchored to a previous access router AR1 in network Net1 -- IP1 -- anchored to a previous access router AR1 in network Net1 --
has terminated before the MN moves to a new network Net2. After has terminated before the MN moves to a new network Net2. After
moving to Net2, the MN uses the new IP prefix IP2 -- anchored to a moving to Net2, the MN uses the new IP prefix IP2 -- anchored to a
new access router AR2 in network Net2 -- to start a new flow. new access router AR2 in network Net2 -- to start a new flow.
Packets may then be forwarded without requiring IP layer mobility Packets may then be forwarded without requiring IP layer mobility
support. support.
An example call flow is outlined in Figure 4. A MN attaches to AR1, An example call flow is outlined in Figure 4. A MN attaches to AR1,
which sends a router advertisement (RA) including information about which sends a router advertisement (RA) including information about
the prefix assigned to MN, from which MN configures an IP address the prefix assigned to MN, from which MN configures an IP address
(IP1). This address is used for new communications, for example with (IP1). This address is used for new communications, for example with
a correspondent node (CN). If the MN moves to a new network and a correspondent node (CN). If the MN moves to a new network and
attaches to AR2, the process is repeated (MN obtains a new IP attaches to AR2, the process is repeated (MN obtains a new IP
address, IP2, from AR2). Since the IP address (IP1) configured at address, IP2, from AR2). Since the IP address (IP1) configured at
the previously visited network is not valid at the current attachment the previously visited network is not valid at the current attachment
point, and any existing flows have to be reestablished using IP2. point, and any existing flows have to be reestablished using IP2.
Note that in this scenarios, if there is no mobility support provided Note that in these scenarios, if there is no mobility support
by L4 or above, an application might be able to stop before changing provided by L4 or above, application traffic would stop.
point of attachement, and therefore the traffic would stop.
MN AR1 AR2 CN MN AR1 AR2 CN
|MN attaches to AR1: | | | |MN attaches to AR1: | | |
|acquires MN-ID and profile | | |acquires MN-ID and profile | |
|--RS---------------->| | | |--RS---------------->| | |
| | | | | | | |
|<----------RA(IP1)---| | | |<----------RA(IP1)---| | |
| | | | | | | |
Assigned prefix IP1 | | | Assigned prefix IP1 | | |
IP1 address configuration | | IP1 address configuration | |
skipping to change at page 10, line 48 skipping to change at page 12, line 48
Figure 4: Re-starting a flow with new IP prefix/address Figure 4: Re-starting a flow with new IP prefix/address
4.2. Mobility case, traffic redirection 4.2. Mobility case, traffic redirection
When IP mobility is needed for a flow, the LM and FM functions in When IP mobility is needed for a flow, the LM and FM functions in
Section 3.1 are utilized. There are two possible cases: (i) the Section 3.1 are utilized. There are two possible cases: (i) the
mobility anchor remains playing that role and forwards traffic to a mobility anchor remains playing that role and forwards traffic to a
new locator in the new network, and (ii) the mobility anchor (data new locator in the new network, and (ii) the mobility anchor (data
plane function) is changed but binds the MN's transferred IP address/ plane function) is changed but binds the MN's transferred IP address/
prefix. The latter enables optimized routes but requires some data prefix. The latter enables optimized routes but requires some data
plane node that enforces rules for traffic indirection. Next, we plane node that enforces traffic indirection. Next, we focus on the
focus on the first case. The second one is addressed in Section 4.3. first case. The second one is addressed in Section 4.3.
Mobility support can be provided by using mobility management Mobility support can be provided by using mobility management
methods, such as the several approaches surveyed in the academic methods, such as the several approaches surveyed in the academic
papers ([Paper-Distributed.Mobility], papers ([Paper-Distributed.Mobility],
[Paper-Distributed.Mobility.PMIP] and [Paper-Distributed.Mobility.PMIP] and
[Paper-Distributed.Mobility.Review]). After moving, a certain MN's [Paper-Distributed.Mobility.Review]). After moving, a certain MN's
traffic flow may continue using the IP prefix from the prior network traffic flow may continue using the IP prefix from the prior network
of attachment. Yet, some time later, the application generating this of attachment. Yet, some time later, the application generating this
traffic flow may be closed. If the application is started again, the traffic flow may be closed. If the application is started again, the
new flow may not need to use the prior network's IP address to avoid new flow may not need to use the prior network's IP address to avoid
skipping to change at page 13, line 15 skipping to change at page 15, line 15
Net1 Net2 Net1 Net2
+---------------+ +---------------+ +---------------+ +---------------+
|AR1 | |AR2 | |AR1 | |AR2 |
+---------------+ +---------------+ +---------------+ +---------------+
|CPA: | |CPA: | |CPA: | |CPA: |
| | |LM:IP1 at IPa1 | | | |LM:IP1 at IPa1 |
|---------------| IP1 (anchored to Net1) |---------------| |---------------| IP1 (anchored to Net1) |---------------|
|DPA(IPa1): | is redirected to Net2 |DPA(IPa2): | |DPA(IPa1): | is redirected to Net2 |DPA(IPa2): |
|anchors IP1 | =======> |anchors IP2 | |anchors IP1 | =======> |anchors IP2 |
|FM:IP1 via IPa2| |FM:IP1 via IPa1|
+---------------+ +---------------+ +---------------+ +---------------+
+...............+ +---------------+ +...............+ +---------------+
.MN(IP1) . MN moves |MN(IP2,IP1) | .MN(IP1) . MN moves |MN(IP2,IP1) |
.flow(IP1,...) . =======> |flow(IP1,...) | .flow(IP1,...) . =======> |flow(IP1,...) |
. . |flow(IP2,...) | . . |flow(IP2,...) |
+...............+ +---------------+ +...............+ +---------------+
Figure 6: Anchor redirection Figure 6: Anchor redirection
skipping to change at page 13, line 36 skipping to change at page 15, line 37
IP prefixes to the MNs, are needed to provide distributed mobility IP prefixes to the MNs, are needed to provide distributed mobility
anchoring in an appropriate configuration such as those described in anchoring in an appropriate configuration such as those described in
Figure 1 (Section 3.1.1) for network-based distributed mobility or in Figure 1 (Section 3.1.1) for network-based distributed mobility or in
Figure 2 (Section 3.1.2) for client-based distributed mobility. Figure 2 (Section 3.1.2) for client-based distributed mobility.
4.3. Mobility case, anchor relocation 4.3. Mobility case, anchor relocation
We focus next on the case where the mobility anchor (data plane We focus next on the case where the mobility anchor (data plane
function) is changed but binds the MN's transferred IP address/ function) is changed but binds the MN's transferred IP address/
prefix. This enables optimized routes but requires some data plane prefix. This enables optimized routes but requires some data plane
node that enforces rules for traffic indirection. node that enforces traffic indirection.
IP mobility is invoked to enable IP session continuity for an ongoing IP mobility is invoked to enable IP session continuity for an ongoing
flow as the MN moves to a new network. Here the anchoring of the IP flow as the MN moves to a new network. The anchoring of the IP
address of the flow is in the home network of the flow (i.e., address of the flow is in the home network of the flow (i.e.,
different from the current network of attachment). A centralized different from the current network of attachment). A centralized
mobility management mechanism may employ indirection from the anchor mobility management mechanism may employ indirection from the anchor
in the home network to the current network of attachment. Yet it may in the home network to the current network of attachment. Yet it may
be difficult to avoid using an unnecessarily long route (when the be difficult to avoid using an unnecessarily long route (when the
route between the MN and the CN via the anchor in the home network is route between the MN and the CN via the anchor in the home network is
significantly longer than the direct route between them). An significantly longer than the direct route between them). An
alternative is to move the IP prefix/address anchoring to the new alternative is to move the IP prefix/address anchoring to the new
network. network.
The IP prefix/address anchoring may move without changing the IP The IP prefix/address anchoring may move without changing the IP
prefix/address of the flow. Here the LM and FM functions in Figure 1 prefix/address of the flow. The LM function in Figure 1 in
in Section 3.1 are implemented as shown in Figure 7. Section 3.1.1 is implemented as shown in Figure 7.
Net1 Net2 Net1 Net2
+---------------+ +---------------+ +---------------+ +---------------+
|AR1 | |AR2 | |AR1 | |AR2 |
+---------------+ +---------------+ +---------------+ +---------------+
|CPA: | |CPA: | |CPA: | |CPA: |
|LM:IP1 at IPa1 | |LM:IP1 at IPa2 | |LM:IP1 at IPa1 | |LM:IP1 at IPa2 |
| changes to | | | | changes to | | |
| IP1 at IPa2 | | | | IP1 at IPa2 | | |
|---------------| |---------------| |---------------| |---------------|
|DPA(IPa1): | IP1 anchoring effectively moved |DPA(IPa2): | |DPA(IPa1): | IP1 anchoring effectively moved |DPA(IPa2): |
|anchored IP1 | =======> |anchors IP2,IP1| |anchored IP1 | =======> |anchors IP2,IP1|
+---------------+ +---------------+ +---------------+ +---------------+
+...............+ +---------------+ +...............+ +---------------+
.MN(IP1) . MN moves |MN(IP2,IP1) | .MN(IP1) . MN moves |MN(IP2,IP1) |
.flow(IP1,...) . =======> |flow(IP1,...) | .flow(IP1,...) . =======> |flow(IP1,...) |
+...............+ +---------------+ +...............+ +---------------+
Figure 7: Anchor mobility Figure 7: Anchor relocation
As an MN with an ongoing session moves to a new network, the flow may As an MN with an ongoing session moves to a new network, the flow may
preserve IP session continuity by moving the anchoring of the preserve IP session continuity by moving the anchoring of the
original IP prefix/address of the flow to the new network. original IP prefix/address of the flow to the new network.
One way to accomplish such a move is to use a centralized routing One way to accomplish such a move is to use a centralized routing
protocol, but such a solution may present some scalability concerns protocol, but such a solution may present some scalability concerns
and its applicability is typically limited to small networks. One and its applicability is typically limited to small networks. One
example of this type of solution is described in example of this type of solution is described in
[I-D.ietf-rtgwg-atn-bgp]. When a mobile associates with an anchor [I-D.ietf-rtgwg-atn-bgp]. When a MN associates with an anchor the
the anchor injects the mobile's prefix into the global routing anchor injects the mobile's prefix into the global routing system.
system. If the mobile moves to a new anchor, the old anchor If the MN moves to a new anchor, the old anchor withdraws the /64 and
withdraws the /64 and the new anchor injects it instead. the new anchor injects it instead.
5. Security Considerations 5. Security Considerations
As stated in [RFC7333], "a DMM solution MUST supportany security As stated in [RFC7333], "a DMM solution MUST support any security
protocols and mechanisms needed to secure the network and to make protocols and mechanisms needed to secure the network and to make
continuous security improvements". It "MUST NOT introduce new continuous security improvements". It "MUST NOT introduce new
security risks". security risks".
As described in [I-D.ietf-dmm-deployment-models], there are different There are different potential deployment models of a DMM solution.
potential deployment models of a DMM solution. The present document The present document has presented 3 different scenarios for
has presented 3 different scenarios for distributed anchoring: (i) distributed anchoring: (i) nomadic case, (ii) mobility case with
nomadic case, (ii) mobility case with traffic redirection, and (iii) traffic redirection, and (iii) mobility case with anchor relocation.
mobility case with anchor relocation. Each of them has different Each of them has different security requirements, and the actual
security requirements, and the actual security mechanisms would security mechanisms would depend on the specifics of each solution/
depend on the specifics of each solution/scenario. scenario.
As general rules, for the first distributed anchoring scenario As general rules, for the first distributed anchoring scenario
(nomadic case), no additional security consideration is needed, as (nomadic case), no additional security consideration is needed, as
this does not involve any additional mechanism at L3. If session this does not involve any additional mechanism at L3. If session
connectivity is required, the L4 or above solution used to provide it connectivity is required, the L4 or above solution used to provide it
MUST also provide the required authentication and security. MUST also provide the required authentication and security.
The second and third distributed anchoring scenarios (mobility case) The second and third distributed anchoring scenarios (mobility case)
involve mobility signalling among the mobile node and the control and involve mobility signalling among the mobile node and the control and
data plane anchors. The control-plane messages exchanged between data plane anchors. The control-plane messages exchanged between
these entitites MUST be protected using end-to-end security these entitites MUST be protected using end-to-end security
associations with data-integrity and data-origination capabilities. associations with data-integrity and data-origination capabilities.
IPsec ESP in transport mode with mandatory integrity protection IPsec [RFC8221] ESP in transport mode with mandatory integrity
SHOULD be used for protecting the signaling messages. IKEv2 should protection SHOULD be used for protecting the signaling messages.
be used to set up security associations between the data and control IKEv2 [RFC8247] SHOULD be used to set up security associations
plane anchors. between the data and control plane anchors. Note that in scenarios
in which traffic indirection mechanisms are used to relocate an
anchor, authentication and authorization mechanisms MUST be used.
Control-plane functionality MUST apply authorization checks to any
commands or updates that are made by the control-plane protocol.
6. IANA Considerations 6. IANA Considerations
This document presents no IANA considerations. This document presents no IANA considerations.
7. Contributors 7. Contributors
Alexandre Petrescu and Fred Templin had contributed to earlier Alexandre Petrescu and Fred Templin had contributed to earlier
versions of this document regarding distributed anchoring for versions of this document regarding distributed anchoring for
hierarchical network and for network mobility, although these hierarchical network and for network mobility, although these
skipping to change at page 15, line 42 skipping to change at page 18, line 5
This document has benefited from other work on mobility support in This document has benefited from other work on mobility support in
SDN network, on providing mobility support only when needed, and on SDN network, on providing mobility support only when needed, and on
mobility support in enterprise network. These works have been mobility support in enterprise network. These works have been
referenced. While some of these authors have taken the work to referenced. While some of these authors have taken the work to
jointly write this document, others have contributed at least jointly write this document, others have contributed at least
indirectly by writing these drafts. The latter include Philippe indirectly by writing these drafts. The latter include Philippe
Bertin, Dapeng Liu, Satoru Matushima, Pierrick Seite, Jouni Korhonen, Bertin, Dapeng Liu, Satoru Matushima, Pierrick Seite, Jouni Korhonen,
and Sri Gundavelli. and Sri Gundavelli.
Some terminology has been incorporated for completeness from draft-
ietf-dmm-deployment-models-04 document.
Valuable comments have been received from John Kaippallimalil, Valuable comments have been received from John Kaippallimalil,
ChunShan Xiong, Dapeng Liu, Fred Templin, Paul Kyzivat, Joseph ChunShan Xiong, Dapeng Liu, Fred Templin, Paul Kyzivat, Joseph
Salowey and Yoshifumi Nishida. Dirk von Hugo, Byju Pularikkal, Salowey, Yoshifumi Nishida, Carlos Pignataro, Mirja Kuehlewind, Eric
Pierrick Seite have generously provided careful review with helpful Vyncke, Qin Wu, Warren Kumari, Benjamin Kaduk, Roman Danyliw and
corrections and suggestions. Marco Liebsch and Lyle Bertz also Barry Leiba. Dirk von Hugo, Byju Pularikkal, Pierrick Seite have
performed very detailed and helpful reviews of this document. generously provided careful review with helpful corrections and
suggestions. Marco Liebsch and Lyle Bertz also performed very
detailed and helpful reviews of this document.
8. References 8. References
8.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 16, line 42 skipping to change at page 19, line 5
[RFC7429] Liu, D., Ed., Zuniga, JC., Ed., Seite, P., Chan, H., and [RFC7429] Liu, D., Ed., Zuniga, JC., Ed., Seite, P., Chan, H., and
CJ. Bernardos, "Distributed Mobility Management: Current CJ. Bernardos, "Distributed Mobility Management: Current
Practices and Gap Analysis", RFC 7429, Practices and Gap Analysis", RFC 7429,
DOI 10.17487/RFC7429, January 2015, DOI 10.17487/RFC7429, January 2015,
<https://www.rfc-editor.org/info/rfc7429>. <https://www.rfc-editor.org/info/rfc7429>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
8.2. Informative References [RFC8221] Wouters, P., Migault, D., Mattsson, J., Nir, Y., and T.
Kivinen, "Cryptographic Algorithm Implementation
Requirements and Usage Guidance for Encapsulating Security
Payload (ESP) and Authentication Header (AH)", RFC 8221,
DOI 10.17487/RFC8221, October 2017,
<https://www.rfc-editor.org/info/rfc8221>.
[I-D.ietf-dmm-deployment-models] [RFC8247] Nir, Y., Kivinen, T., Wouters, P., and D. Migault,
Gundavelli, S. and S. Jeon, "DMM Deployment Models and "Algorithm Implementation Requirements and Usage Guidance
Architectural Considerations", draft-ietf-dmm-deployment- for the Internet Key Exchange Protocol Version 2 (IKEv2)",
models-04 (work in progress), May 2018. RFC 8247, DOI 10.17487/RFC8247, September 2017,
<https://www.rfc-editor.org/info/rfc8247>.
8.2. Informative References
[I-D.ietf-dmm-fpc-cpdp] [I-D.ietf-dmm-fpc-cpdp]
Matsushima, S., Bertz, L., Liebsch, M., Gundavelli, S., Matsushima, S., Bertz, L., Liebsch, M., Gundavelli, S.,
Moses, D., and C. Perkins, "Protocol for Forwarding Policy Moses, D., and C. Perkins, "Protocol for Forwarding Policy
Configuration (FPC) in DMM", draft-ietf-dmm-fpc-cpdp-12 Configuration (FPC) in DMM", draft-ietf-dmm-fpc-cpdp-12
(work in progress), June 2018. (work in progress), June 2018.
[I-D.ietf-dmm-pmipv6-dlif] [I-D.ietf-dmm-pmipv6-dlif]
Bernardos, C., Oliva, A., Giust, F., Zuniga, J., and A. Bernardos, C., Oliva, A., Giust, F., Zuniga, J., and A.
Mourad, "Proxy Mobile IPv6 extensions for Distributed Mourad, "Proxy Mobile IPv6 extensions for Distributed
Mobility Management", draft-ietf-dmm-pmipv6-dlif-04 (work Mobility Management", draft-ietf-dmm-pmipv6-dlif-05 (work
in progress), January 2019. in progress), November 2019.
[I-D.ietf-rtgwg-atn-bgp] [I-D.ietf-rtgwg-atn-bgp]
Templin, F., Saccone, G., Dawra, G., Lindem, A., and V. Templin, F., Saccone, G., Dawra, G., Lindem, A., and V.
Moreno, "A Simple BGP-based Mobile Routing System for the Moreno, "A Simple BGP-based Mobile Routing System for the
Aeronautical Telecommunications Network", draft-ietf- Aeronautical Telecommunications Network", draft-ietf-
rtgwg-atn-bgp-02 (work in progress), May 2019. rtgwg-atn-bgp-05 (work in progress), January 2020.
[I-D.matsushima-stateless-uplane-vepc] [I-D.matsushima-stateless-uplane-vepc]
Matsushima, S. and R. Wakikawa, "Stateless user-plane Matsushima, S. and R. Wakikawa, "Stateless user-plane
architecture for virtualized EPC (vEPC)", draft- architecture for virtualized EPC (vEPC)", draft-
matsushima-stateless-uplane-vepc-06 (work in progress), matsushima-stateless-uplane-vepc-06 (work in progress),
March 2016. March 2016.
[I-D.mccann-dmm-prefixcost] [I-D.mccann-dmm-prefixcost]
McCann, P. and J. Kaippallimalil, "Communicating Prefix McCann, P. and J. Kaippallimalil, "Communicating Prefix
Cost to Mobile Nodes", draft-mccann-dmm-prefixcost-03 Cost to Mobile Nodes", draft-mccann-dmm-prefixcost-03
 End of changes. 40 change blocks. 
116 lines changed or deleted 188 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/