Hello, =
Here are some =
comments on the=20
requirements :
2> I believe =
this can be=20
accomplished with micro mobility protocols which hide the =
mobility to=20
the home network. About the delay to establish the new QoS path, my =
feeling=20
is that it can be done before the IP handoff by some sort of =
predictive=20
reservation scheme (which would be relatively easy to set up in a =
micro=20
mobility domain). The problem here lies when the mobile moves =
between=20
two micro mobility domains. The QOS path may take more time to =
be set=20
up but once again some predictive path could be determined in =
advance.=20
Using micro =
mobility has many=20
advantages one of which is that the qos path is =
not changed in=20
the core (which can then easily use Diffserv since the path is not =
highly=20
dynamic) when you move within a domain. In the domain itself, it =
seems=20
feasible to maintain more states and therefore deal with a =
higher=20
handoff rate.
[Morrow, Glenn=20
]
Most of what you say is =
true and I=20
suspect will likely be supported by the end solution. Your comments =
are in=20
line with requirement #4. I was thinking of the macro problem =
between=20
administrative domains where the signaling goes as far as it needs =
to go at=20
the macro level and across administrative domains. I believe that at =
least=20
bandwidth used must be accounted for on handoff even in the wireline =
case=20
between a small enterprise with 802.11 (perhaps T1 access into =
the=20
premises) and a cellular infrastructure that would have the =
characteristics=20
you describe. The point is that your comment is pointing to the =
solution=20
space of requirement 4 with a large cellular core=20
infrastructure in=20
mind.
4> Micro mobility also =
answers the=20
scalibility problem. Maybe the micro mobility domain can be handled =
with a=20
Diffserv mechanism but i believe the cells themselves should =
maintain more=20
states. This comes to the conclusion that you can use Diffserv on =
the wired=20
part of the network (micro mobility + core) but probably not on the =
wireless=20
link.
[Morrow, Glenn ] I think we are =
saying the=20
same thing with different terminology. I tried to write =
the=20
requirement without referencing the specific semantics of =
a=20
solution.
6> I don't =
understand=20
this. Using the mobile's home address is not fine ?
[Morrow, Glenn=20
] Hmmm - again think macro when the COA changes and how RSVP =
indexes=20
it's state tables and how security indexes SAs and the extent =
to which=20
handoff can occur between access technologies at both the micro and =
macro=20
levels served via separate autonomous systems of cellular and=20
enterprise.
7> More =
protection could=20
be provided if the medium has a a high error rate. In IEEE 802.11, =
many=20
transmission rates (with a more or less robust code -- high rate is =
less=20
robust of course) are used according to the link's quality. Is this =
what is=20
meant in this requirement ? What media should be considered ? =
[Morrow, Glenn=20
] In cellular, as the voice codes go over the air, =
portions of the=20
code words that are "more important" than other portions of the code =
word=20
are actually duplicated and FEC'ed (forward error correction =
mechanisms=20
applied) before they are transmitted over the air. This duplication =
and=20
FECing of these "very important" parts of the code words is commonly =
referred to as unequal protection. If unequal protection was not =
used, your=20
cellular calls would sound like dog-poop and the cellular operators =
would=20
likely not be able to charge as much and an operator who did turn =
this on=20
would likely get more customers and more revenues than an operator =
who=20
didn't.
One of the excuses =
of having to=20
have a layer 5 entity (ex. SIP) intimately associated via signaling =
with the=20
routing equipment on the visited network is this need to have the =
cellular=20
access equipment perform unequal protection on the voice codes as =
they are=20
sent over the air. If you ever want to get rid of this coupling for =
cellular=20
networks, then your reservation/binding scheme will have to convey =
the codec=20
used and the routing equipment will have to be put into the loop of =
this=20
signaling. Another solution people have proposed is to sniff =
the=20
packets all the time - this isn't very good. In order to do =
unequal=20
protection you must know the format of the code words i.e. the =
codec=20
being used. Knowing a traffic class or the delay or the bandwidth =
won't=20
work. There are many codecs and sometimes the codec actually =
consists of=20
multiple codecs. I hope this answers your=20
question.
When=20
we get into the non-mip contengent of the IETF, this will definitely =
come up=20
and a layer 5 solution may end up competing due to this requirement. =
I'd=20
rather people get these issues out on the table and be upfront about =
this=20
earlly on.
8> Is two way =
really an=20
issue ? Maybe for the ACKs ? RSVP deals with duplex links as 2 =
simplex=20
links.
[Morrow, Glenn=20
]
It is an =
issue in that=20
sometimes it is desirable to reduce setup delay =
and bandwidth=20
used over air for signaling when the optimization can =
occur. From=20
my understanding of NSIS, the solution may or may not be based on=20
RSVP. If RSVP can meet the requirement then it can meet the=20
requirement.
9> =
Same comment as=20
8>
[Morrow, Glenn ] Agreed. I'll =
bet we can=20
fit both into one.
14> I believe =
this depends=20
on whether we talk about IPv4 or IPv6. It seems to me that the =
solution is=20
not the same in both cases. When talking about =
IPV4/IPV6=20
being dealt with seperately, i think the principles should be the =
same (esp.=20
if route optimization is a requirement). However, IPv6 has some =
specific=20
functionnalities which we should take advantage of.
[Morrow, Glenn=20
]
There are actually =
some=20
security issues with the current MIPv6 spec pertaining to this =
functionality=20
as well. I know this is a shocking thought but whatever NSIS =
turns out=20
to be may superseed even MIP. This is because NSIS is dealing with =
all of=20
the requirements from the get go. I can actually think of a =
signaling=20
methods for IPv4 that would allow application packet delivery, the=20
initiation of a binding and a reservation. The question is how =
far does=20
NSIS want to go. Also see my question below about same solutions for =
both=20
layer 3 technologies.
Gwendal LE =
GRAND
[Morrow, Glenn=20
]
Thanks Gwendal, =
these were some=20
excellent comments and insights.
Glenn
-------Gwendal LE GRAND-------
mailto:Gwendal.Le-Grand@lip6.fr<=
/A>=20
tel: +33 (0) 1 44 27 75 12
http://www-rp.lip6.fr/~legrand =20
fax: +33 (0) 1 44 27 74 95
Universite Pierre et Marie Curie, =
Laboratoire=20
LIP6-CNRS, Bureau C646
8 Rue du Capitaine Scott, 75015 Paris,=20
France
Requirements:
------------=20
1>
The solution =
should provide=20
the simultaneous operation of location privacy and route =
optimization as=20
dog leg routing can increase unecessary delay - affect QoS. A =
person using=20
a mobile node should not have to sacrifice one for the =
other.
2>
The signaling =
should be as=20
fast as possible. Waiting on the dynamic dog-leg establishment of =
a=20
security associations to authenticate and authorize a binding and=20
reservation are occuring is probably not an option.
3>
If at all =
possible the=20
solution should leverage any existing security associations that =
exist and=20
are utilized in networks today in order to speed up the binding =
and=20
reservation.
4>
The solution =
should be as=20
scalable as possible. Any effort to reduce the amount to signaling =
and=20
processing through core edge and intermediary routers should be =
made.=20
Localization of proxy functions into aggregates and hierarchical=20
topologies at the edge should be utilized to improve the=20
scalability.
5>
The solution =
should be as=20
stateless as possible. States should only be kept at the edge or=20
pertaining to aggregatations.
6>
The solution =
should not=20
require an implementation to key any logical data structures (FIB, =
RIB,=20
PIB, BC, SIB, etc..) using the source IP address of an MN as this =
will=20
change.
7>
This is really a =
wireless=20
requirement:
In order to provide for =
unequal=20
protection of media streams on wireless link layers, the signaling =
should=20
be able to convey the actual media types used as part of the flows =
being=20
reserved.
8>
The solution =
should allow=20
for both one way and two way reservation when asymmetric routing =
is not an=20
issue i.e. a point to point link on the first hop.
9>
The solution =
should work=20
with asymmetric routes.
10>
The solution =
should provide=20
for proxy functions of the signaling with "older" solutions for =
backward=20
compatibility and when the signaling is considered too verbose for =
a=20
specific link layer.
11>
The solution =
should provide=20
for fast recovery mechanisms when intermidary nodes fail. =
12>
A method must =
be provided=20
to encrypt the signaling as it passes to the affected nodes of the =
network.
13>
A method must =
be provided=20
to authenticate the credentials of the signaling entities. =
14>
It should be =
possible to=20
send an application packet along with the signaling.
15>
Authorization =
and=20
Accounting should be treated as separate, decoupled back-end=20
processes.
Questions to discuss:
--------------------
1>
Should the =
signaling=20
solution be the same for IPv4 as for IPv6?
2>
What =
assumptions, if any,=20
can be made about pre-existing security associations between the =
MN with=20
its visited and home domains can be made?
3>
What =
assumptions, if any,=20
can be made about any pre-existing SAs between a CN and it's =
visited and=20
home domains can be made?
Hope this helps,
Glenn =