
Re: [MIP-QOS] RE: MIP-QOS MIP QoS Mailing List is Active Now







My 2cents...

Requirements:

1) Does location privacy mean that an eavesdropper can't determine physical
   location from looking at the COA?

2) The signaling will have to be robust in the presence of re-ordering due to
   the multiple routes

3) Agreed

4) There will probably have to be a lot of access-specific signaling at the
   edges.  So perhaps realistically, we can try to minimize end to end
   signaling?

5) State at peering points between backbone as well, perhaps...

6) This confuses me...mobile IP keeps the mobile's address the same, while the
   COA changes.

7) This is SIP territory, and not something that needs to be propagated off the
   RAN anyway.

8) Agreed

9) How common are asymmetric routes in practice?

10) Not sure why this is a requirement.  Might be a nice feature, but probably
    not required

11) Like when a signaling gateway or node fails? Box-wise redundancy and
    failover should be addressed separately IMO.

12) Not sure that this is required.  Authentication on the other hand...

13) Agreed

14) Why?  Again, this is not a requirement.

15) Big time agreement

On discussion question 2, I think it's fair to assume that some mechanism like
RFC3012 might exist, but SAs between the MN and the visited network will vary
based on access technology.

Thanks for putting the list together.  It's a good start.

-Mike






"ext Glenn Morrow" <gmorrow@nortelnetworks.com> on 04/17/2001 11:36:51 AM

Please respond to mip-qos@research.nokia.com

Sent by:  "ext Glenn Morrow" <gmorrow@nortelnetworks.com>


To:   mip-qos@research.nokia.com
cc:    (Mike Borella/MW/US/3Com)
Subject:  [MIP-QOS] RE: MIP-QOS MIP QoS Mailing List is Active Now



Here goes a first stab at discussion:

Requirements:
------------
1>
The solution should provide the simultaneous operation of location privacy
and route optimization as dog leg routing can increase unnecessary delay -
affect QoS. A person using a mobile node should not have to sacrifice one
for the other.

2>
The signaling should be as fast as possible. Waiting on the dynamic dog-leg
establishment of security associations to authenticate and authorize a
binding and reservation are occurring is probably not an option.

3>
If at all possible the solution should leverage any existing security
associations that exist and are utilized in networks today in order to speed
up the binding and reservation.

4>
The solution should be as scalable as possible. Any effort to reduce the
amount of signaling and processing through core edge and intermediary
routers should be made. Localization of proxy functions into aggregates and
hierarchical topologies at the edge should be utilized to improve the
scalability.

5>
The solution should be as stateless as possible. States should only be kept
at the edge or pertaining to aggregations.

6>
The solution should not require an implementation to key any logical data
structures (FIB, RIB, PIB, BC, SIB, etc.) using the source IP address of an
MN as this will change.

7>
This is really a wireless requirement:
In order to provide for unequal protection of media streams on wireless link
layers, the signaling should be able to convey the actual media types used
as part of the flows being reserved.

8>
The solution should allow for both one way and two way reservation when
asymmetric routing is not an issue i.e. a point to point link on the first
hop.

9>
The solution should work with asymmetric routes.

10>
The solution should provide for proxy functions of the signaling with
"older" solutions for backward compatibility and when the signaling is
considered too verbose for a specific link layer.

11>
The solution should provide for fast recovery mechanisms when intermediary
nodes fail.

12>
A method must be provided to encrypt the signaling as it passes to the
affected nodes of the network.

13>
A method must be provided to authenticate the credentials of the signaling
entities.

14>
It should be possible to send an application packet along with the
signaling.

15>
Authorization and Accounting should be treated as separate, decoupled
back-end processes.

Questions to discuss:
--------------------

1>
Should the signaling solution be the same for IPv4 as for IPv6?

2>
What assumptions, if any, can be made about pre-existing security
associations between the MN and its visited and home domains?

3>
What assumptions, if any, can be made about any pre-existing SAs between a
CN and its visited and home domains?

Hope this helps,
Glenn
