NETEXT                                                            D. Liu
Internet-Draft                                                    Z. Cao
Intended status: Informational                                   B. Zhou
Expires: September 14, 2011                                  China Mobile
                                                           March 14, 2011


              IKEv2 based flow control extension of PMIPv6
                     draft-liu-netext-flow-pmip-03

Abstract

   PMIPv6 is designed to provide network-based mobility; it requires no
   changes to the UE.  There are proposals to extend PMIPv6 to support
   flow mobility.  Flow mobility requires a communication protocol
   between the UE and the network to carry the flow control messages.
   This document proposes to use the extended IKEv2 protocol to carry
   the flow control messages between the UE and the network.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 8, 2011.

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of



Liu, et al.             Expires September 8, 2011               [Page 1]


Internet-Draft      IKEv2 based flow control for PMIP         March 2011


   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Conventions used in this document . . . . . . . . . . . . . . . 3
   3.  Overview of using IKEv2 to carry flow control information . . . 3
   4.  IKEv2 configuration payload extension . . . . . . . . . . . . . 3
   5.  MN operation  . . . . . . . . . . . . . . . . . . . . . . . . . 7
   6.  MAG operation . . . . . . . . . . . . . . . . . . . . . . . . . 7
   7.  LMA operation . . . . . . . . . . . . . . . . . . . . . . . . . 7
   8.  Security Considerations . . . . . . . . . . . . . . . . . . . . 7
   9.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . . . 7
     10.1.  Normative References . . . . . . . . . . . . . . . . . . . 7
     10.2.  Informative References . . . . . . . . . . . . . . . . . . 8
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . . . 8


































1.  Introduction

   There are proposals to extend PMIPv6 to support flow mobility, but
   currently no protocol is specified between the UE and the network to
   carry the flow control policies.  Since PMIPv6 aims to provide a
   network-based mobility solution and no UE changes are preferred, it
   is not feasible to define a new protocol between the UE and the
   network to carry the flow control information.  This document
   proposes to use an extended IKE protocol to carry the flow control
   information.


2.  Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].


3.  Overview of using IKEv2 to carry flow control information

   IKEv2 is used for security parameter negotiation.  It is usually
   used in combination with IPSec.  There are configuration payload
   options in IKEv2 which can be used for IP address allocation and
   other configuration purposes.  This document proposes to extend the
   configuration payloads to carry the flow control information.

   IKEv2/IPSec is also used for protecting mobility signalling in 3GPP.
   In the 3GPP architecture, the s2b interface is based on PMIP and is
   used for un-trusted non-3GPP access.  There is an IPSec tunnel
   between the UE and the un-trusted non-3GPP access gateway (ePDG).
   This IPSec tunnel's security association and other security
   parameters are set up using IKEv2.  In addition to the security
   function, the IKEv2 protocol between the UE and the non-3GPP access
   gateway (ePDG) is also used for IP address configuration.  The IP
   address is carried by the configuration payload in IKEv2.

   From the above analysis, we can see that there is a mandatory IKEv2
   protocol running between the UE and the network in 3GPP s2b
   interface.  It is natural to consider extending this protocol to
   carry the flow mobility control information.


4.  IKEv2 configuration payload extension

   IKEv2's configuration payload is defined to carry configuration
   information, for example IP address allocation.  The format of the
   configuration payload is as follows:





                         1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     ! Next Payload  !C! RESERVED    !         Payload Length        !
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     !   CFG Type    !                    RESERVED                   !
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     !                                                               !
     ~                   Configuration Attributes                    ~
     !                                                               !
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



            Figure 1: Format of Configuration Payload of IKEv2

   As depicted in Figure 1, the IKEv2 configuration payload has a CFG
   Type field and Configuration Attributes.  CFG Type includes
   CFG_REQUEST, CFG_REPLY, CFG_SET and CFG_ACK.  "CFG_SET/CFG_ACK"
   allows an IKE endpoint to push configuration data to its peer.
   "CFG_REQUEST/CFG_REPLY" allows an IKE endpoint to request
   information from its peer.

   Configuration attributes have the following format:



                         1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     !R|         Attribute Type      !            Length             |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |                                                               |
     ~                             Value                             ~
     |                                                               |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



               Figure 2: Format of Configuration attributes

   Currently specified attribute types include:












                                     Multi-
                 Attribute Type          Value Valued Length
                ======================= ===== ====== ==================
                 RESERVED                 0
                 INTERNAL_IP4_ADDRESS     1    YES*  0 or 4 octets
                 INTERNAL_IP4_NETMASK     2    NO    0 or 4 octets
                 INTERNAL_IP4_DNS         3    YES   0 or 4 octets
                 INTERNAL_IP4_NBNS        4    YES   0 or 4 octets
                 INTERNAL_ADDRESS_EXPIRY  5    NO    0 or 4 octets
                 INTERNAL_IP4_DHCP        6    YES   0 or 4 octets
                 APPLICATION_VERSION      7    NO    0 or more
                 INTERNAL_IP6_ADDRESS     8    YES*  0 or 17 octets
                 RESERVED                 9
                 INTERNAL_IP6_DNS        10    YES   0 or 16 octets
                 INTERNAL_IP6_NBNS       11    YES   0 or 16 octets
                 INTERNAL_IP6_DHCP       12    YES   0 or 16 octets
                 INTERNAL_IP4_SUBNET     13    YES   0 or 8 octets
                 SUPPORTED_ATTRIBUTES    14    NO    Multiple of 2
                 INTERNAL_IP6_SUBNET     15    YES   17 octets



                         Figure 3: Attribute type

   This document proposes to extend the attribute types of the
   Configuration attributes by adding two new types, IPv4_FLOW_CONTROL
   and IPv6_FLOW_CONTROL.  The definition of this proposal is as
   follows:



                                    Multi-
                 Attribute Type          Value Valued Length
                ======================= ===== ====== ==================
                IPv4_FLOW_CONTROL         20    YES*  0 or x octets
                IPv6_FLOW_CONTROL         21    YES*  0 or x octets




                    Figure 4: Attribute type extension

   The corresponding value of this proposed FLOW_CONTROL attribute is as
   follows:










      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |             MN-ID             |            BID                |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |             HNP               |            Action             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 start Source Address                          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 End Source Address                            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 start Destination Address                     |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 End Destination Address                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                          Start SPI                            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                          End SPI                              |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |      Start Source port        |      End Source port          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |      start Destination port   |      End Destination port     |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+




             Figure 5: FLOW_CONTROL Attribute value definition

   o  MN-ID: Identification of the mobile node.
   o  BID: Binding identification associated with this flow and HNP.
   o  HNP: Home network prefix associated with this flow.
   o  Action: The action that the sender requests the receiver to
      perform.  Actions may include: Forward(1): request the receiver
      to forward the flow based on the HNP and BID.  Other values of
      Action need further specification.
   o  Start Source Address: Start of the source address range of this
      flow.  This address is an IPv4 or IPv6 address, depending on
      whether the FLOW_CONTROL type is IPv4 or IPv6.
   o  End Source Address: End of the source address range of this flow.
      This address is an IPv4 or IPv6 address, depending on whether the
      FLOW_CONTROL type is IPv4 or IPv6.
   o  Start Destination Address: Start of the destination address range
      of this flow.  This address is an IPv4 or IPv6 address, depending
      on whether the FLOW_CONTROL type is IPv4 or IPv6.
   o  End Destination Address: End of the destination address range of
      this flow.  This address is an IPv4 or IPv6 address, depending on
      whether the FLOW_CONTROL type is IPv4 or IPv6.





   o  Start SPI: Start of the SPI range of this flow.
   o  End SPI: End of the SPI range of this flow.
   o  Start Source port: Start of the source port range of this flow.
   o  End Source port: End of the source port range of this flow.
   o  Start Destination port: Start of the destination port range of
      this flow.
   o  End Destination port: End of the destination port range of this
      flow.
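
   A receiver of this attribute should validate the layout of Figures 2
   and 5 before acting on it.  The parser below is an added example and
   not part of this draft; the function and field names, the 16-octet
   address width for IPv6_FLOW_CONTROL, and the rejection of undefined
   Action values and inverted ranges are assumptions.

```python
import ipaddress
import struct

IPV4_FLOW_CONTROL, IPV6_FLOW_CONTROL = 20, 21  # attribute types from Figure 4
ACTION_FORWARD = 1                             # only Action the draft defines
FIELDS = ("mn_id", "bid", "hnp", "action", "src_start", "src_end",
          "dst_start", "dst_end", "spi_start", "spi_end",
          "sport_start", "sport_end", "dport_start", "dport_end")


def parse_flow_control(attr: bytes):
    """Parse one configuration attribute (Figure 2) holding a Figure 5 value."""
    if len(attr) < 4:
        raise ValueError("truncated attribute header")
    type_field, length = struct.unpack("!HH", attr[:4])
    attr_type = type_field & 0x7FFF            # top bit is the R (reserved) bit
    if attr_type not in (IPV4_FLOW_CONTROL, IPV6_FLOW_CONTROL):
        raise ValueError("not a FLOW_CONTROL attribute")
    if len(attr) != 4 + length:
        raise ValueError("Length field disagrees with attribute size")
    if length == 0:                            # table allows "0 or x octets"
        return None
    # Assumption: the IPv6 variant widens each address field to 16 octets.
    alen = 4 if attr_type == IPV4_FLOW_CONTROL else 16
    fmt = "!4H" + f"{alen}s" * 4 + "2I4H"
    if length != struct.calcsize(fmt):
        raise ValueError("bad FLOW_CONTROL value length")
    flow = dict(zip(FIELDS, struct.unpack(fmt, attr[4:])))
    if flow["action"] != ACTION_FORWARD:       # assumption: reject undefined Actions
        raise ValueError("unsupported Action")
    for name in ("src", "dst", "spi", "sport", "dport"):
        # Fixed-width big-endian bytes compare in numeric order.
        if flow[name + "_start"] > flow[name + "_end"]:
            raise ValueError(f"inverted {name} range")
    for key in FIELDS[4:8]:
        flow[key] = ipaddress.ip_address(flow[key])
    return flow


# Constructed sample: forward 192.0.2.0-192.0.2.255 -> 198.51.100.7 port 443.
SAMPLE = struct.pack(
    "!HH4H4s4s4s4s2I4H", IPV4_FLOW_CONTROL, 40, 1, 2, 3, ACTION_FORWARD,
    bytes([192, 0, 2, 0]), bytes([192, 0, 2, 255]),
    bytes([198, 51, 100, 7]), bytes([198, 51, 100, 7]),
    0, 0, 1024, 65535, 443, 443)
```

   With the field widths drawn in Figure 5, the IPv4 value is 40 octets,
   so "x" in Figure 4 is 40 for IPv4_FLOW_CONTROL.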


5.  MN operation

   For flow mobility, the MN decides when to initiate a flow handover.
   The MN uses the above IKEv2 configuration payload extension to send
   the flow control message.  The flow mobility policy control function
   needs to communicate with the IKE module in the MN to carry the flow
   mobility control information.


6.  MAG operation

   The MAG needs to get the flow mobility control information from the
   IKE configuration payload extension.  The MAG then sends a PBU
   message with the flow mobility extension.


7.  LMA operation

   The LMA gets the flow control information from the PBU which carries
   the flow mobility extension.  It then controls the flow mobility
   action accordingly.


8.  Security Considerations

   TBD


9.  IANA Considerations

   None


10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.






   [RFC3775]  Johnson, D., Perkins, C., and J. Arkko, "Mobility Support
              in IPv6", RFC 3775, June 2004.

   [RFC5213]  Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K.,
              and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.

10.2.  Informative References

   [I-D.ietf-mext-flow-binding]
              Tsirtsis, G., Soliman, H., Montavont, N., Giaretta, G.,
              and K. Kuladinithi, "Flow Bindings in Mobile IPv6 and NEMO
              Basic Support", draft-ietf-mext-flow-binding-11 (work in
              progress), October 2010.

   [RFC4306]  Kaufman, C., "Internet Key Exchange (IKEv2) Protocol",
              RFC 4306, December 2005.


Authors' Addresses

   Dapeng Liu
   China Mobile
   Unit2, 28 Xuanwumenxi Ave,Xuanwu District
   Beijing 100053
   China

   Email: liudapeng@chinamobile.com


   Zhen Cao
   China Mobile
   Unit2, 28 Xuanwumenxi Ave,Xuanwu District
   Beijing 100053
   China

   Email: caozhen@chinamobile.com


   Bo Zhou
   China Mobile
   Unit2, 28 Xuanwumenxi Ave,Xuanwu District
   Beijing 100053
   China

   Email: zhouboyj@chinamobile.com





