
INTERNET DRAFT                                           Carey B. Becker
Category: Informational                                  Basavaraj Patil
Title: <draft-becker-mobileip-ipm-arch-00.txt>             Emad Qaddoura
Date: October 1999                                       Nortel Networks



                   IP Mobility Architecture Framework




Status of this Memo

     This document is an Internet-Draft and is in full conformance with
     all provisions of Section 10 of RFC2026.

     Internet-Drafts are working documents of the Internet Engineering
     Task Force (IETF), its areas, and its working groups.  Note that
     other groups may also distribute working documents as Internet-
     Drafts.

     Internet-Drafts are draft documents valid for a maximum of six
     months and may be updated, replaced, or obsoleted by other
     documents at any time.  It is inappropriate to use Internet-Drafts
     as reference material or to cite them other than as "work in
     progress."

     The list of current Internet-Drafts can be accessed at
     http://www.ietf.org/ietf/1id-abstracts.txt

     The list of Internet-Draft Shadow Directories can be accessed at
     http://www.ietf.org/shadow.html.



Abstract

     Today, the wireless network arena is made up of different types of
     access (TDMA, CDMA, GSM, etc.) and core network technologies (IS-41
     and MAP over SS7, etc.). The heterogeneous nature of today's
     wireless and wireline packet data networks limits the scope of
     mobility between these heterogeneous networks. However, as these
     heterogeneous networks evolve, the mobility management provided by
     them must evolve to ensure seamless roaming between the networks.

     With the convergence of voice and data, networks of the future will
     be built on IP packet switched technology, mostly due to inherent



Becker, Patil, Qaddoura   Expires April, 2000                   [Page 1]


Internet-Draft     IP Mobility Architecture Framework      October, 1999


     advantages offered by the technology.

     This document identifies several drivers that provide input for an
     IP Mobility based network and also describes a high level IP
     Mobility architecture that extends the current third generation
     IMT2000 wireless architecture and builds on Mobile IP concepts.


     Table Of Contents


     1 Introduction............................................2

     2 IP Mobility Architecture................................4

     2.1 Network Reference Model...............................6

     2.2 Home Network..........................................6

     2.2.1 Home Network Mobility Components....................7

     2.3 Foreign Network.......................................9

     2.3.1 Foreign Network Mobility Components................10

     2.4 Access Network.......................................11

     2.5 IP Network...........................................11

     2.6 Mobile Nodes.........................................11

     2.7 User Identification..................................12

     3 Conclusion.............................................12

     4 Acknowledgements.......................................12

     5 References.............................................13

     6 Authors' Addresses.....................................14



1.  Introduction

     User mobility is an integral part of today's and future wireless
     and wireline packet data networks. Today, the wireless network
     arena is made up of different types of access (TDMA, CDMA, GSM,
     802.11, etc.) and core network technologies (IS-41 and MAP over SS7,
     etc.). The heterogeneous nature of today's wireless and wireline
     packet data networks limits the scope of mobility between these
     heterogeneous networks. However, as these heterogeneous networks
     evolve, the mobility management provided by them must evolve to
     ensure seamless roaming between the networks.

     With the convergence of voice networks and data networks, networks
     of the future will be built on IP packet switched technology,
     mostly due to inherent advantages offered by the technology (the
     details of which are beyond the scope of this document). The change
     from the current SS7 based wireless networks to IP centric wireless
     networks is already happening. In the very near future, mobile
     devices that support IP stacks will also proliferate.

     The combination of these two concepts, the networks moving to IP
     packet switched technology and the evolution of mobility management
     to ensure seamless roaming, defines what we call IP Mobility. There
     are several drivers that are paving the way for defining an
     architecture that is IP Mobility enabled. Some of these are:

     1.   The network should allow for seamless roaming between
          heterogeneous wireless and wireline networks.

     2.   The network infrastructure should be access independent.

          As our wireless networks evolve, it will remain a fact of life
          that we will need to support multiple types of wireless
          accesses, e.g., CDMA, TDMA, etc. Users should be able to roam
          between these different access types via a mobile device that
          supports access specific interface cards which provide the
          appropriate 'layer 2' access. However, the current networking
          protocols that perform the mobility management functions
          specific to the heterogeneous technologies can evolve into a
          single protocol.

     3.   Mobility needs to be based on the users, not the device used
          by the user.

          GSM already supports the concept of mobility being based on a
          user via the International Mobile Subscriber Identity (IMSI),
          although the IMSI is not known by the user. In North American
          Cellular systems, e.g., TDMA, CDMA, etc., a user is identified
          via a Mobile Identification Number (MIN) that is specific to
          the mobile device. This association needs to be separated.
          Also, both of these concepts are based on users being assigned
          'telephony' user IDs, which are solely based on digits. User
          IDs should not be restricted to digit only identifiers or
          restricted to the realm of telephony IDs.

     4.   A roaming user should only need a single subscription to
          access a home network.

          Within the scope of packet data services being defined for
          CDMA systems, a user must have a subscription with a cellular
          provider to gain access to the cellular network. After the
          user is authenticated, the user's mobile device is put on a
          traffic channel to allow the user's mobile IP subscription to
          be authenticated with the user's home network. The multiple
          subscriptions translate to multiple unwanted registrations and
          a waste of radio resources for the second registration.

     5.   The network should support the removal of triangle routes
          within the network.

          Triangle routes (which contain a routing anchor point) can be
          established at two points, 1) at the home network as defined
          in mobile IP [2] and 2) at the foreign network as proposed in
          [4] and [5]. The network needs to support a mechanism, similar
          to what is defined in [6], which can alleviate the problems
          associated with anchor points.  The network needs to support
          policies that allow or disallow triangle routes, e.g., a
          policy that wants to hide knowledge of where the user is
          located.

     6.   Service providers would like to deploy the same network
          infrastructure in both their wireline and wireless networks.

          One of the major business drivers is to gain economies of
          scale from deploying the same network infrastructure, e.g.,
          network operation, services platforms, etc., within the service
          provider's networks that is independent of the access
          networks. However, mechanisms should be provided that will
          allow the networks to be optimized on the type of access
          network.

     None of the current packet data technologies, GPRS, Mobile IP and
     CDPD, support all the concepts depicted in the above drivers. An
     architecture must be defined that can provide the functions that
     ensure true seamless roaming within a mobility enabled IP network.


2.  IP Mobility Architecture

     To be able to achieve a mobility enabled IP network that satisfies
     the drivers stated in the previous section, an enhanced
     architecture needs to be defined that extends the current third
     generation IMT2000 wireless architecture and mobile IP. This
     section defines such an architecture.

     The intent of defining this architecture is to propose a strategy
     and a framework for next generation networks that are mobility
     enabled. The transition strategies required by the packet data
     technologies to evolve to this architecture are outside the scope
     of this document.  However, it is an important item that should be
     addressed as part of the work group discussions.

     The architecture described in this draft is not complete but is
     intended to provide a starting point for further enhancements and
     development. It does not include some necessary concepts; one
     example being brokers/proxies as described in [7] and [8]. However,
     it does contain a substantial subset of what is needed to provide
     mobility within IP networks.


2.1.  Network Reference Model

     The following figure depicts the logical view of the proposed
     network architecture.


+ -----------------------------------------------------------+
|  +-----+   +------+   +-----------+   +----------------+   |
|  | DNS |   | DHCP |   |  Unified  |   | Authentication |   |
|  +-----+   +------+   | Directory |   |      Server    |   |
|                       +-----------+   +----------------+   |
|                                                            |  Home
|  +------------+   +----------+   +------+                  | Network
|  |  Mobility  |   | Security |   | AAA+ |                  |
|  | Mgmt (HA+) |   | Gateway  |   +------+                  |
|  +------------+   +----------+                             |
+ -----------------------------------------------------------+
                           |  |   IP network
                           |  |
+ -----------------------------------------------------------+
|  +------------+   +----------+   +------+   +------+       |
|  |  Mobility  |   | Security |   | AAA+ |   | DHCP |       | Foreign
|  | Mgmt (FA+) |   | Gateway  |   +------+   +------+       | Network
|  +------------+   +----------+                             |
+ -----------------------------------------------------------+
                                ||
                                ||
+ -----------------------------------------------------------+
|  +----------+     +-----------+            +-----------+   |
|  | Location |     | Cell Site |   . . .    | Cell Site |   | Access
|  | Tracking |     +-----------+            +-----------+   | Network
|  +----------+                                              |
+ -----------------------------------------------------------+

           Figure 1: Network Reference Model



     The following sections describe the functionality of the components
     of the network reference model.


2.2.  Home Network

     The Home Network is very similar in concept to the home network
     defined in [2] and the home network defined in the wireless
     networks. Basically, the Home network is a combination of the two
     with some extensions.

     Some of the relevant functions of the Home Network as they relate
     to mobility are:

     *    It is the home network that 'owns' the mobile user's
          subscription.

     *    Maintains the mobile user's subscription and associated
          subscriber profile.

     *    Provides mobility to subscribers on a 'larger' scale. It is
          responsible for maintaining the current location of the mobile
          user.

     *    Allocation of mobile node IP addresses

     *    Supports a 'unified' directory for subscriber profiles
          independent of the access network type.

     *    Stores policies and profiles associated with mobile users.

     *    Provides Authorization functions associated with the mobile
          user.

     *    May provide the Authentication functions required to
          authenticate the mobile user.

     *    Support Service Level Agreements (SLA) with all Foreign
          Networks it wants its users to roam in.

     *    Support a policy that allows 'hiding' the user's location.
          This policy will mandate that the home network be an anchor
          point for datagrams sent to its users while they are roaming.


2.2.1.  Home Network Mobility Components

     The following describes some functions associated with the
     components of the Home network.

     *    Mobility Management (MM)

          Mobility management is comprised of two high level concepts,
          1) mobile user location tracking and 2) performing routing
          update functions for mobile nodes. These functions are very
          similar to what Home Agents do in [2] and what Home Location
          Registers do in wireless networks, with some enhancements. The
          location tracking function of the MM expects to receive a
          single mobile user registration message from the foreign
          networks that is independent of the access network used at the
          foreign network. This is true for all messages sent from the
          foreign networks to the home networks. The architecture
          supports the concept of a centralized location tracking
          function for the home network. However, the architecture does
          not preclude the idea of having a distributed location
          tracking function.

     *    AAA+

          The protocol used to send messages between a foreign network
          and a home network is the AAA protocol, with extensions to
          support mobility management (hence AAA+). Another important
          concept used within the AAA+ framework is that a single
          security association exists between the AAA+ components of a
          foreign network and a home network. This single security
          association can be used to alleviate the need for
          security associations between mobile IP FA and HA components
          and dynamic session key establishment as suggested in [2] and
          [4]. The AAA+ protocol and server may also interface with the
          mobility agents in the network in order to assist in the
          generation and transfer of session keys used in the network by
          the mobile node and the network components in the serving and
          home network for encryption and privacy as suggested in [10].
          It is suggested that the security framework be based on IPSec
          as suggested in [11].

     *    Authentication Server

          The authentication server is a combination of certificate
          authority, key management system, and digital signature
          verification server. The authentication server receives
          roaming mobile user authentication requests via the AAA+ and
          authenticates the user.

     *    Unified Directory

          The Unified Directory is the database that contains all the
          home user's subscriber profiles, network policies, and any
          other data that needs to be stored at the Home Network. The
          subscriber profiles in the directory are independent of the
          access network association. Access to data in the Unified
          Directory from other components within the network is via a
          single protocol, LDAP.

     *    DHCP

          In the Home Network, the DHCP server may be used to assign IP
          addresses to roaming mobile stations that do not have a
          permanently configured IP.

     *    DNS

          In the home network, Dynamic DNS is the protocol used to
          update DNS with a roaming user's mobile node allocated IP
          address. If the home network is responsible for allocating the
          IP address, DNS is updated by DHCP. If the foreign network is
          responsible for allocating the IP address, the home network
          mobility manager will update DNS.

     *    Security gateway

          The security gateway performs all the necessary 'firewall'
          functions.


2.3.  Foreign Network

     The Foreign Network is very similar in concept to the foreign
     network defined in [2] and the foreign network defined in the
     wireless networks. Basically, the Foreign Network is a combination
     of the two with some extensions.

     Some of the relevant functions of the Foreign Network as they
     relate to mobility are:

     *    It is the serving area network for one or more access
          networks.

     *    It can support multiple Access Networks (AN), where each AN is
          associated with a different technology, e.g. one AN may be a
          CDMA RAN, another AN may be GSM RAN.

     *    Provides mobility management for mobility within the access
          networks that it serves.

     *    Provides local services.

     *    Routes data to the mobile user via the access link that the
          mobile node is currently attached to.

     *    Routes data that is sent by the mobile user.

     *    Allocates IP address to be used by the mobile nodes if allowed
          by policy.

     *    Support for the establishment of Service Level Agreements
          (SLA) with all Home Networks that want to allow their users to
          roam within the foreign network.

     *    Support for user authentication to be provided at the foreign
          network after the user initially registers.


2.3.1.  Foreign Network Mobility Components

     The following describes some functions associated with the
     components of the Foreign Network.

     *    Mobility Management (MM)

          The Foreign Network's mobility management is comprised of
          three high level concepts: 1) mobile user location tracking
          within the foreign network, 2) handoffs between foreign
          networks, and 3) performing routing update functions for
          datagram delivery to the access network/mobile node. These
          functions are very similar to what Foreign Agents do in [2],
          with some enhancements. The location tracking function of the
          MM expects to receive the same formatted mobile user
          registration message from each of the heterogeneous access
          networks. The
          architecture supports the concept of a centralized location
          tracking function within the foreign network. However, the
          architecture does not preclude the idea of having a
          distributed location tracking function.

     *    AAA+

          The protocol used to send messages between a foreign network
          and a home network is the AAA protocol, with extensions to
          support mobility management (hence AAA+). Another important
          concept used within the AAA+ framework is that a single
          security association exists between the AAA+ components of a
          foreign network and a home network. This single security
          association can be used to alleviate the need for
          security associations between mobile IP FA and HA components
          and dynamic session key establishment. It is suggested that
          the security framework be based on IPSec.

     *    DHCP

          In the Foreign Network, the DHCP server may be used to 1)
          assign co-located care of addresses to private network mobile
          nodes and 2) if policies indicate, assign IP addresses to
          roaming mobile stations that do not have a permanently
          configured IP.

     *    Security Gateway

          The security gateway performs all the necessary 'firewall'
          functions. It supports ESP IPSec security associations with
          other network security gateways.


2.4.  Access Network

     The Access Network defines the 'layer 2' access technology used by
     a user to gain access to a Foreign Network. The access network can
     be one of several types:

     *    North American Cellular and GSM radio access networks (and
          their evolution to 3rd generation)

     *    802.11 wireless LAN access

     *    802.3 wireline LAN access

     *    Dial-up network access

     Figure 1 above only depicts an access network associated with a
     wireless network.


2.5.  IP Network

     The IP network provides the routing of datagrams between Home
     Networks and Foreign Networks. The IP network can be the public
     Internet or a closed network such as those defined in IMT2000
     standards.


2.6.  Mobile Nodes

     It can be argued that all nodes in the future will be mobile, or at
     least have the potential to be mobile. Stationary nodes, generally
     called correspondent nodes in [2], will only have to be equipped
     with the appropriate access specific PC card(s) and software that
     can perform the network registration functions.

     The mobile node's interface (I/F) cards provide the 'layer 2'
     interface to the specific access network. For each of the access
     network types, there is a layer 2 address associated with the I/F
     card so the access network and mobile node are able to uniquely
     address each other. Mobile node software will need to determine
     when and which access networks are available and perform the
     appropriate registration functions.

     Both types of nodes will have to support tunneling, e.g., IP in IP
     encapsulation [9], to a roaming mobile node's care-of addresses.
     This will help alleviate the triangle routing (anchor points)
     issue.


2.7.  User Identification

     The architecture suggests user identities be based on the Network
     Access Identifier (NAI) as defined in [1]. The NAI allows for a
     highly flexible definition of a user which does not restrict user
     identities to digits only.
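     As an added illustration (not part of this draft), the Python
     below validates an identity against the RFC 2486 NAI grammar cited
     here and shows how a foreign network's AAA+ component could use the
     realm to select the home network peer with which it holds an SLA
     and a single security association (sections 2.2 and 2.3). The SLA
     table and peer names are constructed placeholders.

```python
import re
from dataclasses import dataclass
from typing import Optional

NAI_MAX_OCTETS = 72                       # RFC 2486: at most 72 octets of US-ASCII
_SPECIAL = set('<>()[]\\.,;:@"')          # RFC 2486 'special': must be quoted with '\'
# username = quoted pairs or chars other than '\' and '@'; optional '@realm' follows.
_NAI_RE = re.compile(r'^((?:\\.|[^\\@])*)(?:@(.+))?$', re.DOTALL)
# A realm label starts and ends with a letter or digit; hyphens only in between.
_LABEL_RE = re.compile(r'^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$')


class NAIError(ValueError):
    """Identity does not satisfy the RFC 2486 grammar."""


@dataclass(frozen=True)
class NAI:
    username: str          # dot-string with '\' quoting removed
    realm: Optional[str]   # None when the identity carries no '@realm'


def _parse_username(text: str) -> str:
    """Validate a dot-string (non-empty strings joined by single dots); unquote it."""
    out, i, after_dot = [], 0, True       # a leading '.' is as invalid as empty input
    while i < len(text):
        ch = text[i]
        if ch == '\\':                    # quoted pair: _NAI_RE guarantees text[i + 1]
            out.append(text[i + 1])
            i, after_dot = i + 2, False
            continue
        if ch == '.':
            if after_dot:
                raise NAIError("empty string before '.' in username")
            after_dot = True
        elif ch in _SPECIAL or ord(ch) <= 0x20 or ord(ch) == 0x7f:
            raise NAIError(f"unquoted character {ch!r} in username")
        else:
            after_dot = False
        out.append(ch)
        i += 1
    if after_dot:                         # empty username or trailing '.'
        raise NAIError("username is empty or ends with '.'")
    return ''.join(out)


def parse_nai(text: str) -> NAI:
    """Parse 'username' or 'username@realm' per RFC 2486, else raise NAIError."""
    if not text.isascii() or len(text) > NAI_MAX_OCTETS:
        raise NAIError("NAI must be US-ASCII and at most 72 octets")
    m = _NAI_RE.match(text)
    if m is None:                         # dangling '\' or an empty realm after '@'
        raise NAIError(f"malformed NAI {text!r}")
    username, realm = _parse_username(m.group(1)), m.group(2)
    if realm is not None:                 # realm = 1*(label ".") label
        labels = realm.split('.')
        if len(labels) < 2 or not all(_LABEL_RE.match(lbl) for lbl in labels):
            raise NAIError(f"malformed realm {realm!r}")
    return NAI(username, realm)


def is_valid_nai(text: str) -> bool:
    try:
        parse_nai(text)
        return True
    except NAIError:
        return False


# Constructed SLA table for one foreign network: realm -> home AAA+ peer with which
# the single foreign/home security association exists. Names are placeholders.
SLA_PEERS = {"example.com": "aaa.example.com",
             "mobile.example.net": "aaa.mobile.example.net"}


def route_registration(text: str) -> Optional[str]:
    """Home AAA+ peer to forward a registration to, or None to reject it
    (malformed NAI, no realm to route on, or no SLA with that realm)."""
    try:
        nai = parse_nai(text)
    except NAIError:
        return None
    if nai.realm is None:
        return None
    return SLA_PEERS.get(nai.realm.lower())   # realms compare case-insensitively
```

     A registration whose realm has no SLA entry is dropped at the
     foreign network rather than forwarded, so credentials never leave
     for a home network the foreign network has no agreement with.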


3.  Conclusion

     The architecture defined in this document provides a foundation
     that will allow true seamless roaming within a mobility enabled IP
     network.

     Some of the advantages provided by the architecture are:

     *    A user may have a single subscription with a home network that
          allows for roaming within all foreign networks that have
          service level agreements with the home network.

     *    Mobility being based on the user, not the device used by the
          user.

     *    A single security framework based on IPSec and used by the
          AAA+ server to minimize other security associations and the
          use of dynamic session keys.

     *    The ability to alleviate routing anchor points and support for
          policies that allow the hiding of users by allowing routing
          anchor points.

     *    Users can truly roam seamlessly between heterogeneous access
          networks.


4.  Acknowledgements

     The authors would like to thank Russ Coffin, Mary Barnes, and Lachu
     Aravamudhan of Nortel Networks and John Myhre of ATT Wireless
     Services for their useful discussion.


5.  References


     [1]  B. Aboba, M. Beadles, "The Network Access Identifier", RFC
          2486, January 1999.

     [2]  C. Perkins, "IP Mobility Support", RFC 2002, October 1996.

     [3]  P. Calhoun, C. Perkins, "Mobile IP Dynamic Home Address
          Allocation Extension", Internet-Draft,
          draft-ietf-mobileip-home-addr-alloc-00.txt, November 1998.

     [4]  P. Calhoun, C. Perkins, "Mobile IP Foreign Agent
          Challenge/Response Extension", Internet-Draft,
          draft-ietf-mobileip-challenge-04.txt, October 1999.

     [5]  P. Calhoun, G. Zorn, P. Pan, H. Akhtar, "DIAMETER Framework",
          Internet-Draft, draft-calhoun-diameter-framework-03.txt,
          October 1999.

     [6]  C. Perkins, D. Johnson, "Route Optimization in Mobile IP",
          Internet-Draft, ietf-mobileip-optim-08.txt, February 1999.

     [7]  B. Aboba, et al., "Review of Roaming Implementations", RFC
          2194, September 1997.

     [8]  P. Calhoun, W. Bulley, "DIAMETER Dial-up (Roamops)
          Extensions", Internet-Draft,
          draft-calhoun-diameter-authent-07.txt, October 1999.

     [9]  W. Simpson, "IP in IP Tunneling", RFC 1853, October 1995.

     [10] M. Khalil, R. Narayanan, E. Qaddoura, H. Akhtar, "Key Exchange
          for Network Architectures (KENA)", Internet-Draft,
          draft-mkhalil-mobileip-kena-00.txt, October 1999.

     [11] B. Patil, R. Narayanan, E. Qaddoura, "Security
          Requirements/Implementation Guidelines for Mobile IP Using IP
          Security", Internet-Draft,
          draft-bpatil-mobileip-sec-guide-00.txt, June 1999.


6.  Authors' Addresses

     Questions about this document can be directed to:

     Carey B. Becker                         Basavaraj Patil
     Nortel Networks                         Nortel Networks
     2201 Lakeside Blvd.                     2201 Lakeside Blvd.
     Richardson, TX.  75082-4399             Richardson, TX.  75082-4399

     Phone: 972-685-0560                     Phone: 972-684-1489
     email: becker@nortelnetworks.com        email: bpatil@nortelnetworks.com


     Emad Qaddoura
     Nortel Networks
     2201 Lakeside Blvd.
     Richardson, TX.  75082-4399

     Phone: 972-684-2705
     email: emadq@nortelnetworks.com
