--- 1/draft-ietf-dmm-requirements-14.txt 2014-03-03 15:14:46.364612370 -0800 +++ 2/draft-ietf-dmm-requirements-15.txt 2014-03-03 15:14:46.404613347 -0800 @@ -1,34 +1,37 @@ Network Working Group H. Chan (Ed.) Internet-Draft Huawei Technologies Intended status: Informational D. Liu -Expires: August 7, 2014 China Mobile +Expires: September 4, 2014 China Mobile P. Seite Orange H. Yokota KDDI Lab J. Korhonen Broadcom Communications - February 3, 2014 + March 3, 2014 Requirements for Distributed Mobility Management - draft-ietf-dmm-requirements-14 + draft-ietf-dmm-requirements-15 Abstract This document defines the requirements for Distributed Mobility Management (DMM) at the network layer. The hierarchical structure in - traditional wireless networks has led primarily to centralized - deployment models. As some wireless networks are evolving away from - the hierarchical structure, a distributed model for mobility - management can be useful to them. + traditional wireless networks has led primarily to centrally deployed + mobility anchors. As some wireless networks are evolving away from + the hierarchical structure, it can be useful have a distributed model + for mobility management in which traffic does not need to traverse + centrally deployed mobility anchors far from the optimal route. The + motivation and the problems addressed by each requirement are also + described. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 RFC 2119 [RFC2119]. Status of this Memo 
@@ -38,54 +41,54 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on August 7, 2014. + This Internet-Draft will expire on September 4, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents - 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 - 2. Conventions used in this document . . . . . . . . . . . . . . 4 - 2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 - 3. Centralized versus distributed mobility management . . . . . . 5 - 3.1. Centralized mobility management . . . . . . . . . . . . . 6 - 3.2. Distributed mobility management . . . . . . . . . . . . . 7 - 4. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 8 - 5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 10 - 6. Security Considerations . . . . . . . . . . . . . . . . . . . 13 - 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . 
. 13 - 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 13 - 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15 - 9.1. Normative References . . . . . . . . . . . . . . . . . . . 15 - 9.2. Informative References . . . . . . . . . . . . . . . . . . 15 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 18 + 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 + 2. Conventions used in this document . . . . . . . . . . . . . . 5 + 2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5 + 3. Centralized versus distributed mobility management . . . . . . 6 + 3.1. Centralized mobility management . . . . . . . . . . . . . 7 + 3.2. Distributed mobility management . . . . . . . . . . . . . 8 + 4. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 9 + 5. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 11 + 6. Security Considerations . . . . . . . . . . . . . . . . . . . 14 + 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 + 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 14 + 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17 + 9.1. Normative References . . . . . . . . . . . . . . . . . . . 17 + 9.2. Informative References . . . . . . . . . . . . . . . . . . 17 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19 1. Introduction In the past decade a fair number of network-layer mobility protocols have been standardized [RFC6275] [RFC5944] [RFC5380] [RFC6301] [RFC5213]. Although the protocols differ in terms of functions and associated message formats, they all employ a mobility anchor to allow a mobile node to remain reachable after it has moved to a different network. The anchor point, among other tasks, ensures connectivity by forwarding packets destined to, or sent from, the 
@@ -97,26 +100,28 @@ Distributed mobility management (DMM) is an alternative to the above centralized deployment. The background behind the interests to study DMM are primarily in the following. (1) Mobile users are, more than ever, consuming Internet content including that of local Content Delivery Networks (CDNs) which had not taken mobility service into account before. Such traffic imposes new requirements on mobile core networks for data traffic delivery. To prevent exceeding the available core network capacity, service providers need to implement new - strategies such as selective IPv4 traffic offload (e.g. - [RFC6909], 3GPP work items Local IP Access (LIPA) and Selected - IP Traffic Offload (SIPTO) [TS.23.401]) through alternative - access networks (e.g. WLAN) [Paper-Mobile.Data.Offloading]. In - addition, a gateway selection mechanism takes the user proximity - into account within EPC [TS.29303]. Yet these mechanisms were + strategies such as selective IPv4 traffic offload (e.g., + [RFC6909], Third Generation Partnership Project (3GPP) work + items Local IP Access (LIPA) and Selected IP Traffic Offload + (SIPTO) [TS.23.401]) through alternative access networks such as + Wireless Local Area Network (WLAN) [Paper- + Mobile.Data.Offloading]. In addition, a gateway selection + mechanism takes the user proximity into account within the EPC + Evolved Packet Core (EPC) [TS.29303]. Yet these mechanisms were not pursued in the past owing to charging and billing which require solutions beyond the mobility protocol. Consequently, assigning a gateway anchor node from a visited network in roaming scenario has until recently been done and are limited to voice services only. Both traffic offloading and CDN mechanisms could benefit from the development of mobile architectures with fewer levels of routing hierarchy introduced into the data path by the mobility management system. This trend towards so-called "flat networks" 
@@ -236,30 +241,29 @@ session identifier are routed via this anchor. In other words, such mobility management systems are centralized in both the control plane and the data plane (mobile node IP traffic). Many existing mobility management deployments make use of centralized mobility anchoring in a hierarchical network architecture, as shown in Figure 1. Examples are the home agent (HA) and local mobility anchor (LMA) serving as the anchors for the mobile node (MN) and Mobile Access Gateway (MAG) in Mobile IPv6 [RFC6275] and in Proxy Mobile IPv6 [RFC5213] respectively. Cellular networks such as the - Third Generation Partnership Project (3GPP) General Packet Radio - System (GPRS) networks and 3GPP Evolved Packet System (EPS) networks - employ centralized mobility management too. In the 3GPP GPRS - network, the Gateway GPRS Support Node (GGSN), Serving GPRS Support - Node (SGSN) and Radio Network Controller (RNC) constitute a hierarchy - of anchors. In the 3GPP EPS network, the Packet Data Network Gateway - (P-GW) and Serving Gateway (S-GW) constitute another hierarchy of - anchors. + 3GPP General Packet Radio System (GPRS) networks and 3GPP Evolved + Packet System (EPS) networks employ centralized mobility management + too. In the 3GPP GPRS network, the Gateway GPRS Support Node (GGSN), + Serving GPRS Support Node (SGSN) and Radio Network Controller (RNC) + constitute a hierarchy of anchors. In the 3GPP EPS network, the + Packet Data Network Gateway (P-GW) and Serving Gateway (S-GW) + constitute another hierarchy of anchors. - 3G GPRS 3GPP EPS MIP/PMIP + 3GPP GPRS 3GPP EPS MIP/PMIP +------+ +------+ +------+ | GGSN | | P-GW | |HA/LMA| +------+ +------+ +------+ /\ /\ /\ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ 
@@ -361,21 +365,21 @@ mobility management can be far greater as well. PS5: Unnecessary mobility support to clients that do not need it IP mobility support is usually provided to all MNs. Yet it is not always required, and not every parameter of mobility context is always used. For example, some applications or nodes do not need a stable IP address during a handover to maintain session continuity. Sometimes, the entire application session runs while the MN does not change the point of - attachment. Besides, some sessions, e.g. SIP-based sessions, + attachment. Besides, some sessions, e.g., SIP-based sessions, can handle mobility at the application layer and hence do not need IP mobility support; it is then unnecessary to provide IP mobility support for such sessions. PS6: Mobility signaling overhead with peer-to-peer communication Wasting resources when mobility signaling (e.g., maintenance of the tunnel, keep alive signaling, etc.) is not turned off for peer-to-peer communication. 
@@ -385,39 +389,38 @@ mobility solutions at other layers. Deployment of new mobility management solutions can be challenging, and debugging difficult, when they co-exist with solutions already deployed in the field. PS8: Duplicate multicast traffic IP multicast distribution over architectures using IP mobility solutions (e.g., [RFC6224]) may lead to convergence of duplicated multicast subscriptions towards the downstream - tunnel entity (e.g. MAG in PMIPv6). Concretely, when + tunnel entity (e.g., MAG in PMIPv6). Concretely, when multicast subscription for individual mobile nodes is coupled - with mobility tunnels (e.g. PMIPv6 tunnel), duplicate + with mobility tunnels (e.g., PMIPv6 tunnel), duplicate multicast subscription(s) is prone to be received through different upstream paths. This problem may also exist or be more severe in a distributed mobility environment. 5. Requirements After comparing distributed mobility management against centralized deployment in Section 3 and describing the problems in Section 4, this section identifies the following requirements: - REQ1: Distributed processing + REQ1: Distributed mobility management IP mobility, network access and routing solutions provided by - DMM MUST enable distributed processing for mobility management - so that traffic can avoid traversing single mobility anchor - far from the optimal route. + DMM MUST enable traffic to avoid traversing single mobility + anchor far from the optimal route. 
Motivation: This requirement is motivated by current trends in network evolution: (a) it is cost- and resource-effective to cache contents, and the caching (e.g., CDN) servers are distributed so that each user in any location can be close to one of the servers; (b) the significantly larger number of mobile nodes and flows call for improved scalability; (c) single points of failure are avoided in a distributed system; (d) threats against centrally deployed anchors, e.g., home agent and local mobility anchor, are mitigated in a 
@@ -425,27 +428,27 @@ This requirement addresses the problems PS1, PS2, PS3, and PS4 described in Section 4. REQ2: Bypassable network-layer mobility support DMM solutions MUST enable network-layer mobility but it MUST be possible to not use it. Mobility support is needed, for example, when a mobile host moves and an application cannot cope with a change in the IP address. Mobility support is - also needed, for example, when a mobile router moves together - with a host and an application in the host is interrupted by a - change of IP address of the mobile router. However mobility - support at the network-layer is not always needed; a mobile - node can often be stationary, and mobility support can also be - provided at other layers. It is then not always necessary to - maintain a stable IP address or prefix. + also needed when a mobile router changes its IP address as it + moves together with a host and, in the presence of ingress + filtering, an application in the host is interrupted. However + mobility support at the network-layer is not always needed; a + mobile node can often be stationary, and mobility support can + also be provided at other layers. It is then not always + necessary to maintain a stable IP address or prefix. Motivation: The motivation of this requirement is to enable more efficient routing and more efficient use of network resources by selecting an IP address or prefix according to whether mobility support is needed and by not maintaining context at the mobility anchor when there is no such need. This requirement addresses the problems PS5 and PS6 described in Section 4. 
@@ -501,27 +504,32 @@ A DMM solution MUST NOT introduce new security risks, or amplify existing security risks, that cannot be mitigated by existing security mechanisms or protocols. Motivation: Various attacks such as impersonation, denial of service, man-in-the-middle attacks, and so on, may be launched in a DMM deployment. For instance, an illegitimate node may attempt to access a network providing DMM. Another example is that a malicious node can forge a number of signaling messages thus redirecting traffic from its legitimate path. - Consequently, the specific node is under a denial of service - attack, whereas other nodes do not receive their traffic. - Accordingly, security mechanisms/protocols providing access - control, integrity, authentication, authorization, - confidentiality, etc. can be used to protect the DMM entities - as they are already used to protect against existing networks - and existing mobility protocols defined in IETF. + Consequently, the specific node or nodes to which the traffic + is redirected may be under a denial of service attack, whereas + other nodes do not receive their traffic. Accordingly, + security mechanisms/protocols providing access control, + integrity, authentication, authorization, confidentiality, + etc. should be used to protect the DMM entities as they are + already used to protect against existing networks and existing + mobility protocols defined in IETF. Yet if a candidate DMM + solution is such that even the proper use of these existing + security mechanisms/protocols are unable to provide sufficient + security protection, that candidate DMM solution is causing + uncontrollable security problems. This requirement prevents a DMM solution from introducing uncontrollable problems of potentially insecure mobility management protocols which make deployment infeasible because platforms conforming to the protocols are at risk for data loss and numerous other dangers, including financial harm to the users. 
REQ7: Multicast considerations DMM SHOULD enable multicast solutions to be developed to avoid @@ -538,21 +546,21 @@ should then avoid restricting the management of all IP multicast traffic to a single host through a dedicated (tunnel) interface on multicast-capable access routers. This requirement addresses the problems PS1 and PS8 described in Section 4. 6. Security Considerations Please refer to the discussion under Security requirement in Section - 5.6. + 5. 7. IANA Considerations None 8. Contributors This requirements document is a joint effort among numerous participants working in a team. In addition to the authors, each of the following has made very significant and important contributions @@ -597,20 +605,24 @@ Wen Luo ZTE No.68, Zijinhua RD,Yuhuatai District, Nanjing, Jiangsu 210012, China Email: luo.wen@zte.com.cn Sri Gundavelli Cisco sgundave@cisco.com + Hui Deng + China Mobile + Email: denghui@chinamobile.com + Marco Liebsch NEC Laboratories Europe Email: liebsch@neclab.eu Carl Williams MCSR Labs Email: carlw@mcsr-labs.org Seil Jeon Instituto de Telecomunicacoes, Aveiro
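Review bot: the rewritten abstract in the first hunk drops a word: "it can be useful have a distributed model" should read "it can be useful to have a distributed model". In the same hunk's unchanged Requirements Language paragraph the citation is duplicated, "as described in RFC 2119 RFC 2119 [RFC2119]"; one "RFC 2119" should go since this region is already being touched.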
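Review bot: in the Section 1 hunk (item (1)) the added expansion reads "within the EPC Evolved Packet Core (EPC) [TS.29303]", leaving a stray "EPC" in front of its own expansion; it should read "within the Evolved Packet Core (EPC) [TS.29303]". The citation anchor in the same hunk is split across a line break as "[Paper- Mobile.Data.Offloading]", so it no longer matches the anchor of the reference entry; keep it on one line. The unchanged sentence that follows, "assigning a gateway anchor node from a visited network in roaming scenario has until recently been done and are limited to voice services only", also needs "in a roaming scenario" and "is limited".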
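Review bot: removing the 3GPP expansion from Section 3.1 is consistent with the expansion now introduced in Section 1, which precedes it. The Figure 1 column head changes from "3G GPRS" to "3GPP GPRS", one character longer, so check in the rendered text that the three labels still sit over the GGSN, P-GW and HA/LMA boxes.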
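Review bot: the rewritten REQ1 text is missing an article: "traffic to avoid traversing single mobility anchor" should read "traffic to avoid traversing a single mobility anchor". Renaming the requirement from "Distributed processing" to "Distributed mobility management" also gives it the same title as the whole document, so the heading no longer tells a reader what is required; a title naming the property the MUST asks for, such as "Avoidance of non-optimal routing via a central anchor", would serve the list better.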
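Review bot: the new REQ2 sentence, "also needed when a mobile router changes its IP address as it moves together with a host and, in the presence of ingress filtering, an application in the host is interrupted", leaves the reader to infer why ingress filtering matters; state the mechanism, namely that once the mobile router's prefix changes, packets the host still sends from addresses in the old prefix are dropped by ingress filtering, which breaks the application session. Also add a comma after "However" in "However mobility support at the network-layer is not always needed", and write "network layer" (noun) without the hyphen, as in "at the network layer" elsewhere in the document.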
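Review bot: subject-verb agreement in the added REQ6 sentence: "even the proper use of these existing security mechanisms/protocols are unable" should be "is unable". Changing "can be used" to "should be used" in a document that defines the RFC 2119 key words invites the reading that this is a normative SHOULD; either capitalize it as a stated requirement or keep it descriptive ("are used"). The closing "that candidate DMM solution is causing uncontrollable security problems" would be clearer as a direct consequence tied to the MUST NOT above it, e.g. "that candidate DMM solution does not meet this requirement".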
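Review bot: the Section 6 cross-reference now reads "Security requirement in Section 5"; since the requirements are labelled REQ1 to REQ7 rather than numbered subsections, and the security requirement is the one immediately preceding REQ7, "REQ6 in Section 5" would point the reader at the exact item, whereas "Section 5" alone covers all seven. The new Hui Deng contributor entry follows the "Email:" format of its neighbours; the Sri Gundavelli entry directly above it still lacks the "Email:" label and could be aligned in the same pass.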