Re: [DMM] Comments on DMM Gap Analysis.

["Zuniga, Juan Carlos" <JuanCarlos.Zuniga@InterDigital.com>]

Good point Pete, although I'm not sure the title can fit... We'll look for an alternative to reflect the actual content.

Thanks,

Juan Carlos

> -----Original Message-----
> From: Peter McCann [mailto:Peter.McCann@huawei.com]
> Sent: Wednesday, September 19, 2012 3:54 PM
> To: Zuniga, Juan Carlos; pierrick.seite@orange.com;
> karagian@cs.utwente.nl; jouni.nospam@gmail.com; dmm@ietf.org; h chan
> Cc: dmm-chairs@tools.ietf.org
> Subject: RE: [DMM] Comments on DMM Gap Analysis.
> 
> Maybe the document should be entitled "Existing IP Mobility Practices
> and DMM Gap Analysis."  I am not sure there are any "DMM Practices"
> currently.
> 
> -Pete
> 
> Zuniga, Juan Carlos wrote:
> > Hi Pierrick, all,
> >
> > The document title is "DMM Practices and Gap Analysis", and the
> > intention is to address both. When we presented at the meeting it I
> > made it clear that we wanted to show our approach to the problem,
> > which was first to agree on what are the "current practices" that we
> > want to consider, and then provide a "gap analysis" wrt the DMM
> > requirements document.
> >
> > We are currently working on a new version of the document taking into
> > account the feedback we got at the meeting and on the ML. We will
> > provide more details about the current practices and will take a stab
> > at the gap analysis for discussion.
> >
> > Cheers,
> >
> > Juan Carlos
> >
> >> -----Original Message-----
> >> From: pierrick.seite@orange.com [mailto:pierrick.seite@orange.com]
> >> Sent: Wednesday, September 19, 2012 9:03 AM
> >> To: 'karagian@cs.utwente.nl'; jouni.nospam@gmail.com; dmm@ietf.org;
> >> h.anthony.chan@huawei.com; Zuniga, Juan Carlos
> >> Cc: dmm-chairs@tools.ietf.org
> >> Subject: RE: [DMM] Comments on DMM Gap Analysis.
> >>
> >> Hi Jouni and Julien,
> >>
> >>
> >> Sorry for jumping into the discussion but I'm a little bit confused
> >> with recent discussions in DMM. So, let me ask for clarifications
> >> about the scope of the gap analysis...
> >>
> >> The WG is now tackling with the work item 'Practices and Gap
> Analysis'
> >> and, in my understanding, we are expected to provide a gap analysis
> >> regarding the use of  mobility protocols in a distributed mobility
> >> management environment. However, it seems that the scope of
> discussions
> >> on gap analysis is different.... and I'm confused :-)
> >>
> >> Actually, in the charter, we agreed to firstly "document practices
> for
> >> the deployment of existing mobility protocols in a distributed
> mobility
> >> management environment" and, then, to make the gap analysis.
> However,
> >> considering current discussions on "gap analysis": the document on
> >> practices has been omitted and discussions are about vanilla
> mobility
> >> protocols and architectures with respect to DMM requirements. So,
> >> maybe, such considerations are interesting in the scope of the
> problem
> >> statement, but it seems to me that it is not the goal of the gap
> >> analysis, as initially intended in the charter. Am I missing
> something?
> >>
> >> If I refer to previous DMM charter (because current DMM charter is
> >> empty... BTW, is there a reason for an empty charter?), one Work
> >> item
> >> was: "Document practices for the deployment of existing mobility
> >> protocols in a distributed mobility management  environment". Is
> >> this document still in DMM stuff? If yes, shouldn't we document
> >> practices before going into the gap analysis?
> >>
> >> BR,
> >> Pierrick
> >>
> >>> -----Message d'origine----- De : dmm-bounces@ietf.org
> >>> [mailto:dmm-bounces@ietf.org] De la part de karagian@cs.utwente.nl
> >>> Envoyé : mercredi 19 septembre 2012 13:11 À :
> jouni.nospam@gmail.com;
> >>> dmm@ietf.org; h.anthony.chan@huawei.com;
> >>> JuanCarlos.Zuniga@interdigital.com Cc : dmm-chairs@tools.ietf.org
> >>> Objet : Re: [DMM] Comments on DMM Gap Analysis.
> >>>
> >>> Hi Jouni, Hi all,
> >>>
> >>> After discussing this issue with Carlos Jesús Bernardos and Juan
> >>> Carlos Zuniga, we concluded that the following set of possible
> >>> technologies could be included in the Gap analysis draft:
> >>>
> >>> => Shim6: Level 3 Multihoming Shim Protocol for IPv6
> http://www.rfc-
> >>> editor.org/rfc/rfc5533.txt
> >>>
> >>>
> >>> => LISP Mobile Node
> >>> http://www.ietf.org/id/draft-meyer-lisp-mn-07.txt
> >>> Locator/ID Separation Protocol (LISP)
> >>> http://www.ietf.org/id/draft-ietf-lisp-23.txt
> >>>
> >>> => Mobile IPv6 Fast Handovers
> >>> http://tools.ietf.org/id/draft-ietf-mipshop-rfc5268bis-01.txt This
> is
> >>> the draft that became then RFC5568, so no need to mention it.
> >>> http://www.rfc-editor.org/rfc/rfc5568.txt
> >>>
> >>>
> >>> => Fast Handovers for Proxy Mobile IPv6
> >>> http://www.rfc-editor.org/rfc/rfc5949.txt
> >>>
> >>> => Host Identity Protocol
> >>> http://www.rfc-editor.org/rfc/rfc4423.txt
> >>> http://www.rfc-editor.org/rfc/rfc5201.txt
> >>> http://www.rfc-editor.org/rfc/rfc6253.txt
> >>> http://www.rfc-editor.org/rfc/rfc5206.txt
> >>>
> >>>
> >>>
> >>> => IKEv2 Mobility and Multihoming Protocol (MOBIKE)
> >>> http://www.rfc-editor.org/rfc/rfc4555.txt
> >>>
> >>>
> >>> => GTPv2-C: 3rd Generation Partnership Project; Technical
> >>> Specification Group Core Network and Terminals; 3GPP Evolved Packet
> >>> System (EPS); Evolved General Packet Radio Service (GPRS)
> Tunnelling
> >>> Protocol for Control plane (GTPv2-C); Stage 3 (Release 11)
> >>> http://www.3gpp.org/ftp/Specs/archive/29_series/29.274/29274-
> b30.zip
> >>>
> >>> Please inform us if this list makes sense to you?
> >>>
> >>> Best regards,
> >>> Georgios
> >>>
> >>>
> >>>> -----Original Message-----
> >>>> From: dmm-bounces@ietf.org [mailto:dmm-bounces@ietf.org] On
> > Behalf
> >> Of
> >>>> jouni korhonen
> >>>> Sent: woensdag 19 september 2012 9:58
> >>>> To: dmm@ietf.org; h chan; Juan Carlos Zuniga
> >>>> Cc: dmm-chairs@tools.ietf.org
> >>>> Subject: Re: [DMM] Comments on DMM Gap Analysis.
> >>>>
> >>>>
> >>>> Folks,
> >>>>
> >>>> It has been rather silent on the list recently. Regarding the
> >>>> "explosion" of possible technologies in the GAP analysis, we
> >>>> discussed (chairs)
> >> that
> >>> it is
> >>>> better to scope the area "a bit". The charter today has the
> >>>> assumption that we build on top of existing _IP_ _Mobility_
> protocols
> >>>> (and bunch of IETF defined examples follow). So, to tighten the
> >>>> scope, the Gap
> >> Analysis
> >>> should
> >>>> leave all routing, session  (SIP, ..), transport (MPTCP, SCTP,
> >> DCCP,
> >>> ..),
> >>>> locator/identifier split (HIP, Lisp, ..), naming (DNS tricks,
> >>>> ..)
> >> etc
> >>> based
> >>>> solutions out. Coarse but should help us to make progress. We
> could
> >>>> discuss whether transport layer solution like SCTP fit in but I do
> not
> > see
> >>> them as end-
> >>>> 2-end solutions being deployable in Internet at the moment.
> >>>>
> >>>> Let us stick with  technologies out there that have/had a place
> > in
> >>> sun: few
> >>>> MIP variants, MOBIKE, stuff in 3GPP(2) (oops.. but I think this
> >>>> deserves to be evaluated since they are somewhat popular), and
> what
> >>>> applications do (reconnecting..). This analysis should be down to
> >>>> earth practical
> >> and
> >>> realistic
> >>>> on what is already out there to play with.
> >>>>
> >>>> - Jouni & Julien
> >>>>
> >>>>
> >>>>
> >>>> On Jul 27, 2012, at 3:53 PM, Jong-Hyouk Lee wrote:
> >>>>
> >>>>> Dear Anthony and Juan.
> >>>>>
> >>>>> I enjoyed the both gap analysis documents (draft-chan-dmm-
> >>> framework-
> >>>> gap-analysis-02 and draft-zuniga-dmm-gap-analysis-01). Here I
> > give
> >>> some
> >>>> comments that should be used directly in the gap analysis
> documents
> >>>> if you guys like.
> >>>>>
> >>>>> Kindly consider the followings during the gap analysis
> >>>>> discussion
> >>> (since I will
> >>>> not be attending the IETF meeting this time).
> >>>>>
> >>>>> 1. Comment on address (resource) management in a DMM environment.
> 2.
> >>>>> Comment on a deployment of a client-based mobility solution
> >>> (i.e.,
> >>>> MIPv6) in a DMM environment.
> >>>>> 3. Commnet on neighbor mobility anchors' information in a DMM
> >>>>> environment. 4. Commnet on an establishment of security
> associations
> >>>>> in a
> > DMM
> >>>> environment.
> >>>>>
> >>>>> === 1. Comment on address (resource) management in a DMM
> >>>>> environment. === When existing IP mobility support protocols
> (e.g.,
> >>>>> MIPv6
> > and
> >>> PMIPv6)
> >>>> are considered to be deployed in a DMM environment, a mobile node
> >>>> (MN) is allowed to configure a new address while keeping its
> previous
> >>>> address(es). It introduces the following differences with the
> address
> >>>> (resource) management of the existing ones:
> >>>>>
> >>>>> MN's address configured at the interface with a DMM
> > environment:
> >> n
> >>> =
> >>>>> (IP address at the current access network + previously configured
> IP
> >>>>> address(es) with ongoing sessions) MN's address configured at the
> >>>>> interface without a DMM environment: 1 = (care-of address
> > in
> >> MIPv6
> >>> or
> >>>>> MN's home address in PMIPv6)
> >>>>>
> >>>>> This leads a couple of considerations we didn't have with the
> >>>>> existing IP mobility support protocols. For instance,
> >>>>>
> >>>>> 1) MN's address management: use of a newly configured address
> > at
> >>> the
> >>>> current access network for new communication sessions while a
> proper
> >>>> address selection for previously established ongoing communication
> >>>> sessions.
> >>>>>
> >>>>> 2) Additional treatment for ingress filtering: Ingress
> > filtering
> >> is
> >>> widely used
> >>>> against source address spoofing. The source addresses
> > (especially,
> >>> the
> >>>> network prefix part) of incoming packets are strictly checked to
> >> make
> >>> sure
> >>>> that those packets are actually from the network that they claim
> to
> >>>> be from. As the MN are allowed to send data packets with the
> >>>> previously configured address(es) at the new access network, those
> >>>> data packets would
> > be
> >>> filtered
> >>>> at the ingress filtering place because the source address of
> > those
> >>> data
> >>>> packets is not belonging to the new access network. Accordingly,
> >>>> an additional treatment for ingress filtering is required.
> >>>>>
> >>>>> 3) MN's address increase at the MN's interface: Recall the
> >>>>> number
> >>> of MN's
> >>>> address configured at an interface is n. Then, n is increased,
> >>>> as
> >> the
> >>> MN
> >>>> changes its point of attachment while keeping its ongoing
> >>>> communication sessions. It brings the question: "How many
> addresses
> >>>> are currently possible to be configured at an interface?"
> >>>>>
> >>>>> 4) Routing entry increase at the serving mobility anchor: Let
> >>>>> the
> >>> serving
> >>>> mobility anchor is the mobility anchor serves the MN. Traffic
> >>>> associated to the MN travels via the serving mobility anchor. The
> >>>> increase of the addresses associated to the MN, n, is not only
> >>>> concerning to the MN, but also concerning the serving mobility
> anchor
> >>>> as it contributes the
> >> increase
> >>> of
> >>>> routing entries for the MN.
> >>>>>
> >>>>> === 2. Comment on a deployment of a client-based mobility
> solution
> >>>>> (i.e., MIPv6) in a DMM environment. === When a client-based
> >>> mobility
> >>>> solution (i.e., MIPv6) is consiered to be deployed in a DMM
> >>>> environment, an MN is involved in mobility signaling such as
> Binding
> >>>> Update and Acknowledgement messages. This is the big difference
> with
> >>>> the network- based mobility solution (i.e., PMIPv6). As the MN
> send
> >>>> signaling to inform its movement to its mobility anchor, the
> >>>> client-based mobility solution allows the MN to supply client-
> centric
> >>>> decision for mobility management.
> >>>>>
> >>>>> Suppose that the origin mobility anchor is the mobility anchor
> >>> where the
> >>>> MN has configured its IP address and established ongoing
> >>>> communication sessions with the IP address. The number of origin
> >>>> mobility anchors are n - 1. Recall that the serving mobility
> anchor
> >>>> is the mobility anchor
> >> where
> >>> the MN is
> >>>> being served by. Then, the MN's involvement in mobility signaling
> >>>> brings us the questions: "Should we let the MN send mobilty
> signaling
> >>>> to
> > its
> >>> all mobility
> >>>> anchors?" or "Would it make sense that the MN only sends mobility
> >>>> signaling to its serving mobility anchor?" Depending on the
> choice,
> >>>> we will have different results:
> >>>>>
> >>>>> 1) "MN sends mobility signaling to its all mobility anchors"
> causes:
> >>>>> 1.1 increased mobility signaling load, e.g., signaling * (n - 1).
> >>>>> 1.2 bidirectional tunnels are established between the MN and
> > its
> >>> mobility
> >>>> anchors.
> >>>>> 1.3 tunneling overhead over the air is present.
> >>>>> 1.4 but the tunnels are terminated at the MN so that the MN
> >>>>> has
> >>> control
> >>>> over the tunnels.
> >>>>>
> >>>>> 2) "MN sends mobility signaling only to its serving mobility
> anchor"
> >>>>> causes: 2.1 reduced mobility signaling load, e.g., signaling * 1.
> >>>>> 2.2 bidirectional tunnels are established between the serving
> >>> mobility
> >>>> anchors and origin mobility anchors.
> >>>>> 2.3 tunneling overhead over the air can be avoided.
> >>>>> 2.4 but the MN does not have control over the tunnels so it
> >>>>> might
> >>> affect to
> >>>> NEtwork MObility (NEMO) as the MN (i.e., MR in NEMO) loses the
> >>>> tunneling control.
> >>>>>
> >>>>> === 3. Neighbor mobility anchors' information in a DMM
> environment.
> >>>>> === In the client-based mobility solution such as MIPv6, the
> >>> network
> >>>> topology information does not required to be known to the
> > mobility
> >>> anchor,
> >>>> i.e., home agent (HA), since the HA is informed the current
> >> location
> >>> of the
> >>>> MN. As the HA knows the current location of the MN, it is able to
> >>>> tunnel packets associated to the MN. In the network-based mobility
> >> solution
> >>> such
> >>>> as PMIPv6, the similar things happen, i.e., the tunnel between
> > the
> >>> local
> >>>> mobility anchor (LMA) and the mobile access gateway (MAG) is
> >>>> established for a given MN.
> >>>>>
> >>>>> However, as mobility anchors are distributed and bidirectional
> >>> tunnels (for
> >>>> a given MN) between the distributed mobility anchors are
> > required,
> >>> the
> >>>> neighbor mobility anchors' information should be provided to the
> MN
> >>>> or the mobility anchor for the establishment of the directional
> >>>> tunnels or the update of the MN's current location.
> >>>>>
> >>>>> Decoupling the data plane and control plane while keeping a
> >>> centralized
> >>>> node maintaining the mobility context including neighbor mobility
> >>>> anchors' information (e.g., identification, IP address, etc) in a
> DMM
> >>>> environment is one of possible solutions.
> >>>>>
> >>>>> === 4. Comment on an establishment of security associations in
> > a
> >>> DMM
> >>>>> environment. === For each IP mobility support protocol,
> >>>>> different
> >>> security
> >>>> associations (SAs) are required for providing secure mobility
> >>>> services to MNs as follows:
> >>>>>
> >>>>> 1) MIPv6
> >>>>> 1.1 SA between MN and HA.
> >>>>> 1.2 SA between MN and serving access router (AR) providing
> >> wireless
> >>> link
> >>>> to the MN.
> >>>>>
> >>>>> 2) Fast Handover MIPv6 (FMIPv6)
> >>>>> 2.1 SA between MN and HA.
> >>>>> 2.2 SA between MN and serving AR.
> >>>>> 2.3 SA between previous and new ARs.
> >>>>>
> >>>>> 3) PMIPv6
> >>>>> 3.1 SA between MN and serving MAG.
> >>>>> 3.2 SA between serving MAG and LMA.
> >>>>>
> >>>>> 4) Fast Handover PMIPv6 (FPMIPv6)
> >>>>> 4.1 SA between MN and serving MAG.
> >>>>> 4.2 SA between serving MAG and LMA.
> >>>>> 4.3 SA between previous and new MAGs.
> >>>>>
> >>>>> Note that the above ones do not consider the cases of SA with
> >>>>> a
> >>> security-
> >>>> backend server (e.g., AAA server) and with a correspondent node
> >> (CN).
> >>>>>
> >>>>> However, depending on DMM solutions, SAs are configured that are
> >>>>> different from those of the existing IP mobility support
> protocols.
> >>>>> For instance,
> >>>>>
> >>>>> 1) the case of "MN sends mobility signaling to its all
> >>>>> mobility anchors" (client-based mobility solution)
> >>>>> 1.1 SA between MN and serving mobility anchor providing
> > wireless
> >>> link to
> >>>> the MN.
> >>>>> 1.2 SA between MN and origin mobility anchors, i.e., (n - 1)
> > SAs
> >>> required
> >>>> with MN and origin mobility anchors.
> >>>>>
> >>>>> 2) the case of "MN sends mobility signaling only to its
> >>>>> serving mobility anchor" (client-based mobility solution)
> >>>>> 2.1 SA between MN and serving mobility anchor.
> >>>>> 2.2 SA between serving mobility anchor and origin mobility
> >> anchors,
> >>> i.e., (n
> >>>> - 1) SAs required with serving mobility anchor and origin
> > mobility
> >>> anchors.
> >>>>>
> >>>>> 3) the case of "serving mobility anchor sends signaling on behalf
> of
> >>>>> the MN to origin mobility anchors" (network-based mobility
> solution)
> >>>>> 3.1 SA between MN and serving mobility anchor. 3.2 SA between
> >>>>> serving mobility anchor and origin mobility
> >> anchors,
> >>> i.e., (n
> >>>> - 1) SAs required with serving mobility anchor and origin
> > mobility
> >>> anchors.
> >>>>>
> >>>>> Note that as like before SAs with a security-backend server
> >> (e.g.,
> >>> AAA
> >>>> server) and with a CN are not presented.
> >>>>>
> >>>>> As shown above, DMM solutions (that relies on bidirectional
> >>> tunnelings for
> >>>> packet forwarding between MN and mobility anchors or between
> >>>> just mobility anchors) might bring the key management issues to
> >> establish
> >>> such
> >>>> SAs.
> >>>>>
> >>>>> Since it's a holiday season, I cannot fully address all of
> >>>>> them
> >> in
> >>> my mind, but
> >>>> kindly consider these ones.
> >>>>>
> >>>>> Cheers.
> >>>>>
> >>>>> --
> >>>>> RSM Department, TELECOM Bretagne, France Jong-Hyouk Lee,
> >>>>> living somewhere between /dev/null and /dev/random
> >>>>>
> >>>>> #email: jonghyouk (at) gmail (dot) com
> >>>>> #webpage: http://sites.google.com/site/hurryon/
> >>>>>
> >>>>> _______________________________________________
> >>>>> dmm mailing list
> >>>>> dmm@ietf.org
> >>>>> https://www.ietf.org/mailman/listinfo/dmm
> >>>>
> >>>> _______________________________________________
> >>>> dmm mailing list
> >>>> dmm@ietf.org
> >>>> https://www.ietf.org/mailman/listinfo/dmm
> >>> _______________________________________________
> >>> dmm mailing list
> >>> dmm@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/dmm
> >>
> >>
> >>
> ______________________________________________________________________
> >> _ __________________________________________________
> >>
> >> Ce message et ses pieces jointes peuvent contenir des informations
> >> confidentielles ou privilegiees et ne doivent donc pas etre
> >> diffuses, exploites ou copies sans autorisation. Si vous avez recu
> >> ce message par erreur, veuillez le signaler a l'expediteur et le
> >> detruire ainsi que les pieces jointes. Les messages electroniques
> >> etant susceptibles d'alteration, France Telecom - Orange decline
> >> toute responsabilite si ce message a ete altere, deforme ou
> falsifie. Merci.
> >>
> >> This message and its attachments may contain confidential or
> privileged
> >> information that may be protected by law; they should not be
> >> distributed, used or copied without authorisation. If you have
> received
> >> this email in error, please notify the sender and delete this
> message
> >> and its attachments. As emails may be altered, France Telecom -
> Orange
> >> is not liable for messages that have been modified, changed or
> >> falsified. Thank you.
> >
> > _______________________________________________
> > dmm mailing list
> > dmm@ietf.org
> > https://www.ietf.org/mailman/listinfo/dmm
> 
>